Ukraine’s Power Grid Gets Hacked Again, a Worrying Sign for Infrastructure Attacks

Russian hackers have reportedly taken down power grids and tracked military units in Ukraine.
Security researchers at CrowdStrike believe that the hacking collective known as Fancy Bear, which was linked to hacking of Democratic National Committee’s e-mail servers earlier this year, used Android malware to track Ukrainian artillery units. The attack utilized code similar to that used in the DNC attack, but this time used it to retrieve communications and location data related to military assets since 2014.
Reuters suggests that the information could have been used by military forces to target the Ukrainian artillery. Pro-Russian separatists continue to battle Ukrainian government forces in eastern Ukraine.
Meanwhile, it has come to light that an unconfirmed group of Russian hackers took over computers at an electricity control center to plunge parts of the city of Kiev into darkness. The hackers apparently sent malware via e-mail to employees, allowing them to steal login credentials and shut down substations. All told, the attack took out 200 megawatts of capacity—about 20 percent of the city’s nighttime energy consumption.
An eerily similar incident hit the Ivano-Frankivsk region of Ukraine last December. At the time, it was widely viewed as the first major assault on a nation’s power grid. That such an attack should be leveled again is little surprise: CBS News suggests that this, too, is likely a product of tensions in eastern Ukraine.
But even though the attacks struck in eastern Europe, the West should pay close attention. “We can’t just look at the Ukraine attack and go ‘Oh, we’re safe against that attack,’” says Rob Lee, a security researcher who spoke to CBS News. Indeed, as Wired noted earlier this year, many parts of the U.S. grid are both less secure than Ukraine’s and would take longer to reboot in an emergency.
The threat, then, is real. At this point it’s widely believed that Russia was behind many of the hacks leveled at U.S. systems during the presidential election. There’s no reason to believe that physical infrastructure isn’t next on the list.
(Read more: Reuters, CBS News, Wired, “What the DNC Hack Says about Cyber-Based Threats to Democracy,” “Obama Demands the Facts on Election Hacks,” “IoT Botnets Are Growing—and Up for Hire”)
Keep Reading
Most Popular
DeepMind’s cofounder: Generative AI is just a phase. What’s next is interactive AI.
“This is a profound moment in the history of technology,” says Mustafa Suleyman.
What to know about this autumn’s covid vaccines
New variants will pose a challenge, but early signs suggest the shots will still boost antibody responses.
Human-plus-AI solutions mitigate security threats
With the right human oversight, emerging technologies like artificial intelligence can help keep business and customer data secure
Next slide, please: A brief history of the corporate presentation
From million-dollar slide shows to Steve Jobs’s introduction of the iPhone, a bit of show business never hurt plain old business.
Stay connected
Get the latest updates from
MIT Technology Review
Discover special offers, top stories, upcoming events, and more.