January 11, 2017 (updated 25 Jan 2017 3:30pm)

Ukrainian power outage: Are hackers testing for worldwide SCADA cyber attacks?

Hackers could be attacking the Ukrainian critical infrastructure as a test bed for bigger and more harmful future hacks.

By Ellie Burns

A power outage that hit Ukraine in December 2016 has been found to be the result of a cyber attack, with the investigation into the outage pointing to a huge impending threat to critical infrastructure across the world.

Confirmation of the 2016 hack on the Ukrainian power facility, given by sources to Motherboard, follows the huge December 2015 power outage, which was the result of an attack on a Ukrainian distribution facility. The 2015 attack affected around 230,000 people, with the finger of blame pointed at the Russian government.

Coming almost a year after the mega 2015 attack, the 2016 hack hit the Pivnichna substation outside Kiev, cutting power and leaving those living in Kiev and the surrounding area in the dark for an hour. Although smaller in impact, the repeat attack on a Ukrainian power facility has led experts to believe that hackers are using the region as a test bed for bigger attacks in the future.

“The confirmation that the Ukrainian December outage has been identified as a cyber attack is a worrying development,” said Alex Matthews at Positive Technologies.

“However the real concern is the reports that the region is being used as a test bed, which must be viewed as a very real warning for all ICS protectors, regardless of where in the world they are.”

The fact that hackers may be testing techniques and methods for bigger and more effective future attacks is all the more alarming given that vulnerabilities clearly exist in existing infrastructure. At the core of the 2015 attack were connected devices, with the hackers replacing legitimate firmware with malicious firmware on serial-to-Ethernet converters at substations. It is in these connected devices that the vulnerability in critical infrastructure is found.

“Far too many internet-connected devices are vulnerable to hackers, our research confirms one in three, add to this the challenge that it takes just two days to find a new SCADA flaw – yet almost a year to get it fixed, and the vulnerability of our critical infrastructure is evident,” said Mr Matthews.

“If hackers are using regions like the Ukraine as test beds for bigger and more malicious future attacks, then it is all the more critical for ICS and SCADA networks to take steps to reduce that risk now.”

With the investigation into the 2016 attack not yet complete, it would be foolhardy for critical infrastructure owners to wait for further disclosures. The two main facts are that hackers may be testing attacks, and that those attacks expose vulnerabilities which need to be resolved now. SCADA attacks, if successful, would impact all citizens and businesses, which is why the time to act is now. Calling on those in the industry to come together to find solutions, Mr Matthews said:

“There is a real need for critical infrastructure owners, hardware vendors, information security experts and government officials to all work together to create industry security programs that will keep everyone safe, firmly slamming the door in the hackers’ face.”
