{In the last months of 2015, the conflict between Russia and Ukraine over Crimea\u2019s annexation and continuing strife in Ukraine\u2019s east appeared largely to be in stalemate. But now, with the new year, it appears the conflict is heating up again, and playing out on the region\u2019s electric grids.
\n}<\/p>\n
On Dec. 23, a massive power outage in western Ukraine left approximately 700,000 homes in the dark. That outage was quickly followed by two smaller outages in Ukraine\u2019s Ivano-Frankivsk region. The outages were short-lived, and at the time, believed to be benign in nature.<\/p>\n
Now, both the Ukrainian government and the private cybersecurity firm ESET say they have discovered malware inside the command and control systems at the affected power generators, raising the specter that unknown hackers intentionally targeted Ukraine\u2019s power grid.<\/p>\n
\u201cIf confirmed this would be the first time that malware, as an external threat, targeted another nation-state\u2019s power grid ever,\u201d says Barak Perelman, CEO and co-founder of the Israel-based cybersecurity firm Indegy. \u201cAny type of network interference that might shut down a grid should be considered a cyberattack, whether it originated inside the company or as an external threat.\u201d<\/p>\n
More bugs possible<\/p>\n
It\u2019s been rumored for years, but never proved, that various power failures around the world might have been the result of hackers. The malware inside Ukraine\u2019s power grid might offer proof of that. The Daily Beast reports that copies of the malware have been sent to U.S. cyber-analysts at the CIA, the NSA and the Department of Homeland Security.<\/p>\n
Perelman notes that while malware forensics may reveal clues about how the generators\u2019 operational networks, or OTs, were infected, discovering who authored and deployed the bugs will prove difficult.<\/p>\n
\u201cEven if you find forensic information about the author, you can never really know whether that was planted there deliberately or not,\u201d he said. \u201cBut more interesting is specifically what the malware did to interfere with the industrial controllers. By learning how it worked, either at the generation plants or the substations that deliver power, you can protect from future incidents.\u201d<\/p>\n
Perelman adds that it\u2019s also \u201cvery reasonable to believe\u201d that similar bugs remain in Ukraine’s grid and, in fact, may have also infected the power systems of other nations \u2013 including the U.S.<\/p>\n
Principal suspect<\/p>\n
Not surprisingly, Russia has figured as the principal suspect in planting the Ukrainian malware. Neither Russian or Ukrainian officials have spoken about the incident publicly, but in the past, government-linked Russian hackers have been tied to cyber-attacks in Estonia, Georgia and elsewhere.<\/p>\n
Ukraine\u2019s power grid may also have been targeted by pro-Russian hackers for another reason. In November of last year, much of Crimea\u2019s electric power was cut after lines and a substation of the Ukrainian-based electric supplier were damaged in what many believe to be an attack by Ukrainian nationalists. The malware infection may have been prompted by that outage.<\/p>\n
If the Ukraine outages are ultimately proven to be the work of hackers targeting another nation\u2019s electric grid, it would represent a significant escalation, and might even eventually be identified as an act of war.<\/p>\n
\u201cThere\u2019s really no internationally agreed upon rule book of what constitutes cyber-war,\u201d Bob Twitchell, CEO of the cybersecurity firm Dispersive Technologies, told VOA.<\/p>\n
“Technology can do many different things, but it always comes back to policy: what\u2019s the technology, what do you want to do with it, what\u2019s fair and not fair, and what\u2019s completely unacceptable,\u201d Twitchell said.<\/p>\n
Cyberwar<\/p>\n
Governments have generally been vague about defining what is and isn\u2019t an act of cyberwar. Last year U.S. Secretary of Defense Ashton Carter warned potential adversaries that the U.S. is ready to respond to any act of cyberwar.<\/p>\n
But the DoD strategy document does not discuss what specifically constitutes cyberwar. And that, says former Assistant Secretary of Homeland Security Stewart Baker, is because war \u2013 cyber or otherwise \u2013 is a messy business.<\/p>\n
“It is the things that both sides decide they are not prepared to do. And usually that\u2019s a mix of humanity, basic morality and hard-headed assessment that it won\u2019t do much good but will cause massive pain if the enemy does it to you,\u201d he said.<\/p>\n
That said, Twitchell, Baker and other analysts VOA has spoken with agree that the intentional targeting and destruction of one nation\u2019s power grid by another would clearly represent an act of war.<\/p>\n
Source:Voice of America:[Russia Suspected in First-ever Cyberattack on Ukraine\u2019s Power Grid->http:\/\/www.voanews.com\/content\/russia-suspected-in-first-ever-cyberattack-on-ukraine-power-grid\/3135485.html]<\/p>\n","protected":false},"excerpt":{"rendered":"
{In the last months of 2015, the conflict between Russia and Ukraine over Crimea\u2019s annexation and continuing strife in Ukraine\u2019s east appeared largely to be in stalemate. But now, with the new year, it appears the conflict is heating up again, and playing out on the region\u2019s electric grids. } On Dec. 23, a massive […]<\/p>\n","protected":false},"author":3,"featured_media":2000071370,"comment_status":"open","ping_status":"open","sticky":false,"template":"","format":"standard","meta":{"footnotes":""},"categories":[6],"tags":[101],"byline":[2475],"hashtag":[],"class_list":["post-22390","post","type-post","status-publish","format-standard","has-post-thumbnail","hentry","category-news","tag-internationl","byline-voice-of-america"],"bylines":[{"id":2475,"name":"VOICE OF AMERICA","slug":"voice-of-america","description":"","image":{"id":0,"url":"https:\/\/secure.gravatar.com\/avatar\/?s=96&d=mm&f=y&r=g","alt":"Default avatar","title":"Default avatar","caption":"","mime_type":"image\/jpeg","sizes":[]},"user_id":null}],"contributors":[{"id":2475,"name":"VOICE OF AMERICA","slug":"voice-of-america","description":"","image":{"id":0,"url":"https:\/\/secure.gravatar.com\/avatar\/?s=96&d=mm&f=y&r=g","alt":"Default avatar","title":"Default avatar","caption":"","mime_type":"image\/jpeg","sizes":[]},"user_id":null}],"featured_image":{"id":2000071370,"url":"https:\/\/en-images.igihe.com\/IMG\/logo\/arton22390.jpg","alt":"","caption":"","mime_type":"image\/jpeg","width":0,"height":0,"sizes":{"thumbnail":{"url":"https:\/\/en-images.igihe.com\/IMG\/logo\/arton22390.jpg","width":1,"height":1},"medium":{"url":"https:\/\/en-images.igihe.com\/IMG\/logo\/arton22390.jpg","width":1,"height":1},"medium_large":{"url":"https:\/\/en-images.igihe.com\/IMG\/logo\/arton22390.jpg","width":1,"height":1},"large":{"url":"https:\/\/en-images.igihe.com\/IMG\/logo\/arton22390.jpg","width":1,"height":1},"full":{"url":"https:\/\/en-images.igihe.com\/IMG\/logo\/arton22390.jpg","width":0,"height":0}}},"_links":{"self":[{"href":"https:\/\/new.igihe.com\/english\/wp-json\/wp\/v2\/posts\/22390","targetHints":{"allow":["GET"]}}],"collection":[{"href":"https:\/\/new.igihe.com\/english\/wp-json\/wp\/v2\/posts"}],"about":[{"href":"https:\/\/new.igihe.com\/english\/wp-json\/wp\/v2\/types\/post"}],"author":[{"embeddable":true,"href":"https:\/\/new.igihe.com\/english\/wp-json\/wp\/v2\/users\/3"}],"replies":[{"embeddable":true,"href":"https:\/\/new.igihe.com\/english\/wp-json\/wp\/v2\/comments?post=22390"}],"version-history":[{"count":0,"href":"https:\/\/new.igihe.com\/english\/wp-json\/wp\/v2\/posts\/22390\/revisions"}],"wp:featuredmedia":[{"embeddable":true,"href":"https:\/\/new.igihe.com\/english\/wp-json\/wp\/v2\/media\/2000071370"}],"wp:attachment":[{"href":"https:\/\/new.igihe.com\/english\/wp-json\/wp\/v2\/media?parent=22390"}],"wp:term":[{"taxonomy":"category","embeddable":true,"href":"https:\/\/new.igihe.com\/english\/wp-json\/wp\/v2\/categories?post=22390"},{"taxonomy":"post_tag","embeddable":true,"href":"https:\/\/new.igihe.com\/english\/wp-json\/wp\/v2\/tags?post=22390"},{"taxonomy":"byline","embeddable":true,"href":"https:\/\/new.igihe.com\/english\/wp-json\/wp\/v2\/byline?post=22390"},{"taxonomy":"hashtag","embeddable":true,"href":"https:\/\/new.igihe.com\/english\/wp-json\/wp\/v2\/hashtag?post=22390"}],"curies":[{"name":"wp","href":"https:\/\/api.w.org\/{rel}","templated":true}]}}