Two days before Christmas the lights went out across the Ivano-Frankivsk region of Ukraine. As many as 225,000 customers lost power, the result of coordinated cyberattacks on three power grids.
The hackers tricked utility employees into downloading malware – BlackEnergy – that was linked to Russian spy agencies and that had been used to probe power companies across the world, including those in the U.S. On attack day they remotely shut off current to about 60 substations, inserted new code that blocked staff from reconnecting and even “phone bombed” the companies’ switchboards to discombobulate employees rushing to get power flowing again.
The Ukrainians claimed it was the first time a power grid had been knocked out by hackers and quickly pointed a finger at Russia. Robert M. Lee was skeptical. In the midst of preparing for a Christmas wedding in Alabama, the ex-cyberwarfare Air Force officer needed proof. There had only been two known destructive attacks on critical infrastructure. He and several colleagues in the U.S. cyber community coordinated with contacts inside Ukraine to recover malware from the network. Lee was the first person to report about the malware after reviewing the public information and analyzing the grid’s control systems. It was soon apparent: This was the real deal, though Lee shies away from blaming Russia. “What surprised me is the bold nature of it. … It was so coordinated. All the stuff we’ve seen before looked like intelligence. This looked like military. That’s kind of alarming.”
You've reached your daily free article limit.
Subscribe and support our veteran writing staff to continue reading.
Two days before Christmas the lights went out across the Ivano-Frankivsk region of Ukraine. As many as 225,000 customers lost power, the result of coordinated cyberattacks on three power grids.
The hackers tricked utility employees into downloading malware – BlackEnergy – that was linked to Russian spy agencies and that had been used to probe power companies across the world, including those in the U.S. On attack day they remotely shut off current to about 60 substations, inserted new code that blocked staff from reconnecting and even “phone bombed” the companies’ switchboards to discombobulate employees rushing to get power flowing again.
The Ukrainians claimed it was the first time a power grid had been knocked out by hackers and quickly pointed a finger at Russia. Robert M. Lee was skeptical. In the midst of preparing for a Christmas wedding in Alabama, the ex-cyberwarfare Air Force officer needed proof. There had only been two known destructive attacks on critical infrastructure. He and several colleagues in the U.S. cyber community coordinated with contacts inside Ukraine to recover malware from the network. Lee was the first person to report about the malware after reviewing the public information and analyzing the grid’s control systems. It was soon apparent: This was the real deal, though Lee shies away from blaming Russia. “What surprised me is the bold nature of it. … It was so coordinated. All the stuff we’ve seen before looked like intelligence. This looked like military. That’s kind of alarming.”
Read More- Forbes
Image courtesy of Forbes
Can China’s New Fujian Super Carrier Rival the USS Ford?
US Navy Ramps Up Virginia-Class Submarine Production
Former US Army Soldier Sentenced To 14 Years in Prison For Attempting to Aid ISIS
Former Delta Operator Geo Hand Takes Over The Cellblock
North Korea Shuts Down Unification, Demolishes Inter-Korean Roads
Join SOFREP for insider access and analysis.
TRY 14 DAYS FREEAlready a subscriber? Log In
COMMENTS
You must become a subscriber or login to view or post comments on this article.