The recent cyberattack on Ukraine’s power grid was the first of its kind and signals “new territory” for potential offensive military applications, an analyst said.
The Dec. 23 hack reportedly left hundreds of thousands of homes — about half — in the Ivano-Frankivsk region of the country without electricity, according to multiple press reports. Officials had to manually restore power.
Researchers at iSIGHT Partners, a cyberthreat intelligence company in Virginia, said malware infected at least three regional power authorities, leading to “destructive events” that caused the blackout, according to an article by Dan Goodin, security editor at Ars Technica.
The attack seems likely perpetrated by Russia or a Russian group given the country’s military intervention in the Ukraine. Indeed, some of the malicious computer code may be linked to an organization called the Sandworm gang with ties to Russia. But Stephen Ward, a senior manager at iSIGHT Partners, said it’s too early to tell who or which entity is likely responsible.
Regardless of who did it, the attack signals a concerning development with major implications to politics and warfare, Ward said.
“For cyber to be more than just an intelligence-collection platform … to a component of geopolitical conflict, I think, is alarming,” he said in a telephone interview.
“It’s definitely new territory and the crossing of what had been perceived as a bright red line,” he added. “We’ve got to be concerned. This leads to a potential future where fairly easy targeting — spear-fishing and easy access into networks — could result in some major disruptions.”