Hackers Take Down Power Stations In Ukraine

May be the first cyberattack to successfully cause a blackout

Ivano-Frankivsk was supposed to be far from the Russian front. The city and province of the same name are on the far western side of Ukraine, away from the Russian-backed breakaway province of Donetsk in the east. Donetsk has seen almost two years of fighting on stalemated trenches. Yet last month, it was Ivano-Frankivsk that appears to have suffered from a new attack: malware, planted by hackers in several power stations, left hundreds of thousands without electricity in subzero conditions. Cyberwar, it seems, is an attack best served cold.

From Ars Technica:

The health hazards of power outages in winter are well documented. In a study on ice storm impacts over time, David A. Call of Ball State University wrote “Power outages also cause secondary effects, such as carbon monoxide poisoning and fire, and they can force people to leave their homes because of a lack of heat.” The power outage in Ivano-Franivsk was fortunately only a few hours long, but it’s distressing that a hostile attack could even shut off the power at all.

First, the power systems were likely compromised by spearphishing, or targeted emails and social engineering that get a person inside a network to download something harmful. Previously, spear-phishing attacks have stolen information from the Pentagon and broken a steel mill in Germany. Here’s how security researchers ESET described the attack in a blog post:

Once inside the network, the system either shut down parts of the power station’s infrastructure or provided remote access to the attackers, giving them the controls to shut it down.

Bob Gourley, the former Chief Technology Officer of America’s Defense Intelligence Agency, says that this should get people to take cybersecurity threats to infrastructure more seriously. He writes:

Disabling a few power plants for a few hours is no dramatic “cyber Pearl Harbor,” an attack shocking enough to mobilize a national response. Instead, it’s in that foggy gray area between spycraft and sabotage, the sort of clandestine skirmish more typical of a Cold War. And with the ability to shut down power in winter, the war can get very cold indeed.

Kelsey D. Atherton

Kelsey D. Athertonis a defense technology journalist based in Albuquerque, New Mexico. His work on drones, lethal AI, and nuclear weapons has appeared in Slate, The New York Times, Foreign Policy, and elsewhere.