Hack of Ukrainian Power Grid Marks ‘New Territory,’ Analyst Says

A mobile gas turbine power plant works to provide electricity in Stroganovka village outside Simferopol, Crimea, Sunday, Nov. 22, 2015. Russia's Energy Ministry says nearly 2 million people on the Crimean Peninsula are without electricity after two transmission towers in Ukraine were damaged by explosions. (AP Photo/Alexander Polegenko)

The recent cyberattack on Ukraine’s power grid was the first of its kind and signals “new territory” for potential offensive military applications, an analyst said.

The Dec. 23 hack reportedly left hundreds of thousands of homes — about half — in the Ivano-Frankivsk region of the country without electricity, according to multiple press reports. Officials had to manually restore power.

Researchers at iSIGHT Partners, a cyberthreat intelligence company in Virginia, said malware infected at least three regional power authorities, leading to “destructive events” that caused the blackout, according to an article by Dan Goodin, security editor at Ars Technica.

The attack seems likely to have been perpetrated by Russia or a Russian group, given the country’s military intervention in Ukraine. Indeed, some of the malicious computer code may be linked to an organization called the Sandworm gang with ties to Russia. But Stephen Ward, a senior manager at iSIGHT Partners, said it’s too early to tell who or which entity is likely responsible.

Regardless of who did it, the attack signals a concerning development with major implications for politics and warfare, Ward said.

“For cyber to be more than just an intelligence-collection platform … to a component of geopolitical conflict, I think, is alarming,” he said in a telephone interview.

“It’s definitely new territory and the crossing of what had been perceived as a bright red line,” he added. “We’ve got to be concerned. This leads to a potential future where fairly easy targeting — spear-phishing and easy access into networks — could result in some major disruptions.”

About the Author

Brendan McGarry
Brendan McGarry is the managing editor of Military.com. He can be reached at brendan.mcgarry@military.com. Follow him on Twitter at @Brendan_McGarry.
  • Fred Pollard

    As we work to protect our infrastructure and implement smart grid technology, we must identify best practices. Perhaps companies like SEL can work with key industry leaders to have a joint partnership of scientists, engineers, reporting to a legislative body for fast response and emergency implementations to remove “At Risk” situations. Cloud-based technology has risks…. Are they real or imaginary risks??!!