Despite years of preparation, Ukraine’s electric grid still an easy target for Russian hackers

/in


“If Russia wants to take down the Ukrainian electric system, I have full confidence that they can, and the Ukrainian playbook in many ways is in a place where prevention’s not going to happen,” Robert M. Lee, CEO and co-founder of cybersecurity group Dragos, said in an interview. He argued corruption and economic barriers in Ukraine have gotten in the way of hardening the electric grid. The Ukrainian Embassy in Washington, D.C., did not respond to a request for comment.

President Joe Biden said Friday that the U.S. has every indication that Russian leader Vladimir Putin has decided to invade “in the coming days.” His warning came after a senior U.S. official estimated that Russia had lined up 169,000 to 190,000 fighters for the invasion, in “the most significant military mobilization in Europe since the Second World War.”

Alongside a physical invasion, Putin could marshal the full array of cyber and disinformation tools that it has inflicted on targets around the world during the past decade, including the U.S. And the electric grid is a ripe target.

Ukraine has repeatedly served as a laboratory for these kinds of attacks since Russia’s invasion and seizure of its Crimea region in 2014.

The first example came almost seven years ago, when three Ukrainian power stations went dark for six hours in the middle of winter, blacking out Kyiv and a large swathe of Western Ukraine. The hackers — identified by U.S. officials as Russian — tunneled inside the plants’ controls and opened breakers to prevent power flow. On top of that, they locked out power station employees from their accounts so they couldn’t respond to the attack, and overwhelmed the power stations’ call centers with a barrage of malicious online traffic — making it difficult for customers to report outages.

One year later, in 2016, Russian hackers went one step further and tried to disable the transmission equipment by overloading controls with internet activity, which would have made it unsafe for workers to manually restore power, according to a report from Dragos. The attack left portions of Kyiv in the dark for more than an hour — and even though the attackers failed to fully incapacitate…

Source…