Power lines

Ukraine’s power grid 'likely hacked by Russian cyber attackers'

Image credit: Pexels

A power distribution station near Ukraine’s capital Kiev was probably switched off by cyber attackers earlier this week, cutting off electricity supply to parts of the city, authorities believe.

According to Vsevolod Kovalchuk, acting chief director of Ukraine’s national power company Ukrenergo, the outage amounted to 200MW of capacity, equivalent to about a fifth of the capital’s energy consumption at night.

“That is a lot. This kind of blackout is very, very rare,” Kovalchuk told Reuters by phone.

He said there were only two possible explanations for the accident: either a hardware failure or external interference.

He further added the authorities suspect Russian hackers to be behind the incident. The company’s IT specialists found suspicious transmission data, which are not part of standard protocols, suggesting external interference.

Kovalchuk said Ukraine’s state security service had joined the investigation. “There are no final conclusions yet about what it was, but experts say that this was something new and they have not encountered this before,” Kovalchuk said.

In recent years, Ukraine has suffered a string of attacks on its energy and financial infrastructure as well as government websites.

Last December, another Ukrainian power company Prykarpattyaoblenergo reported an outage, which was later ascribed to Russian hackers.

Experts widely described that incident as the first known power outage caused by a cyber attack. The US cyber firm iSight Partners identified the perpetrator as a Russian hacking group known as ‘Sandworm’.

Over the past month, Ukraine’s finance and defence ministries and the state treasury have said their websites had been temporarily downed by attacks aimed at disrupting their operations.

Cyber security researcher Mikko Hypponen of F-Secure believes the aim of the cyber-attacks on Ukraine is either to show that the country’s government is too weak to protect its citizens or to cover other malicious activity by diverting attention to the power outage.

“We are tracking several different, separate attack campaigns which we link back to different Russian intelligence agencies, and the targets are typically not just for sabotage, but for espionage,” he said.

“The vast majority of government attacks that we attributed to the Russian government are not about sabotage or disruption but about collecting intelligence and spying on foreign computer networks, and that has been increasing.”

A Ukrainian security chief said last week that Ukraine needed to beef up its cyber defences to better ward off the attackers.

Sign up to the E&T News e-mail to get great stories like this delivered to your inbox every day.

Recent articles