Power Out in Ukraine, Cause Unclear

Tuesday, December 20, 2016 @ 11:12 AM gHale

There was another power outage in the Ukraine last weekend and after last year’s hack attack the first thing anyone would think is “here we go again.”

And while that may be the case, officials are still not sure of the cause of the power outage.

RELATED STORIES
PSUG: Designing a Security Program
IoT Attack Scare: Is Industry Ready?
Network Visibility with New Platform
ICSJWG: Security in Perspective

National energy company Ukrenergo experienced the power outage on Saturday night, with director Vsevolod Kovalchuk explaining in a post on Facebook the blackout affected the northern part of Kiev and surrounding areas.

Ukrenergo engineers switched to manual mode and started restoring power in 30 minutes, Kovalchuk said in a published report. The blackout ended up repaired in full an hour and fifteen minutes after it occurred, he said.

The outage could be an “external interference through data network,” Kovalchuk said, adding the cyber security team is working on the case and more information should be provided soon.

Last year around this time, a group of hackers shut down the power grid in Ukraine after successfully infecting systems with malware and breaking down operating systems to prevent engineers from restoring them quickly.

Attackers used malware attacks BlackEnergy and KillDisk to compromise the network and then to render systems unusable by making them impossible to boot. It took six hours to completely restore power in Ukraine following the incident, with local security experts blaming Russia for the attack.

At least 225,000 people lost power in the incident. Operators watched helplessly while someone remotely operated the grid. The one saving grace was because of how old the infrastructure was, it helped. They were able to manually bring the grid back up.

Kovalchuk said this time the power grid experienced “a failure in automation control,” and this is why it was necessary to switch to manual control. The same manual workaround also ended up used last year.

No one has confirmed if this latest outage was a cyberattack.



Leave a Reply

You must be logged in to post a comment.