As the conflict between Russia and Ukraine drags into its 21st month, a covert humanitarian operation orchestrated by the US Air Force has emerged, delivering a critical lifeline to sustain Kyiv’s power infrastructure.
With the looming threat of infrastructure damage from Russian drone and missile strikes, a covert mission aimed at fortifying Ukraine’s power grid unfolded—led by a collaboration between the US Department of Commerce, California-based digital solutions firm Cisco, and a team of experts from both the public and private sectors.
Developing Critical Cybersecurity Solutions
The covert operation was brought to light through recent reports disclosing the delivery of cutting-edge cybersecurity technology to Ukraine.
Developed by Cisco, this groundbreaking capability serves as a safeguard against electrical fluctuations caused by damage to infrastructure.
Its primary focus lies in protecting the integrity of Global Positioning System (GPS)-based clocks, which are pivotal in managing data on power relays across the nation.
Tech giant Cisco built special device to help Kyiv ward off cyberattacks on power grid.
Wish more tech companies and others would use their expertise to help Ukraine. Thank you Cisco! https://t.co/K8YjDmfmAi
— Joanna French (@cuppajojojo) November 26, 2023
Joe Marshall, a Security Strategist at Cisco’s Talos division, shed light on the intensive eight-month development process, emphasizing the tireless efforts of both Cisco and power grid experts.
“It involved a great deal of trial and error, but we managed to develop a unique solution that helps mitigate the GPS jamming issue,” Marshall stated in an exclusive interview with Business Insider.
Covert Delivery: From Cargo Plane to Integration
The undercover mission took shape with the deployment of a prototype, described as “pizza box-sized,” loaded onto a US Air Force cargo plane dedicated to humanitarian aid missions.
This aircraft is regularly shuttled between an East Coast military installation and Rzeszów, Poland, a pivotal location serving as a hub for donations destined for Ukraine.
From there, the device was discreetly transported to Ukraine via train.
Reports from CNN detailed engineers stationed in Ukraine eagerly awaiting the prototype’s arrival.
Upon reaching its destination, the device underwent additional configurations before integration into Ukrenergo’s power systems.
The covert operation concluded seamlessly, with Ukrenergo—an electricity transmission system operator in Ukraine—successfully assimilating the prototype into its infrastructure.
From @CNN, learn how a team of experts from Talos and others at @Cisco are helping to protect #Ukraine's power grid with a line of specially crafted devices https://t.co/OcGcGkhsBt pic.twitter.com/yeKuURBSAj
— Cisco Talos Intelligence Group (@TalosSecurity) November 21, 2023
The success of the prototype installation paved the way for further aid.
Ukrenergo, impressed by the platform’s efficacy, accepted “dozens” of additional devices from the United States.
Despite the approximate value of these components reaching $1 million, Cisco generously offered them free of charge, underscoring the humanitarian nature of the initiative.
Marshall reiterated the altruistic motive behind Cisco’s involvement, stating, “Fighting the good fight isn’t just about cybersecurity. It’s about doing the right thing and helping others in the face of adversity.”
“We knew that this work was our chance to make a tangible difference to Ukrainians,” the Cisco officer added.
International Support and Collective Action
Remarkably, while the operation remains classified by US defense and commerce agencies, the Department of Energy (DOE) provided an update confirming their active involvement.
Since December 2022, the DOE has orchestrated the shipment of nearly 20 tons of high-voltage electrical infrastructure components to Ukraine.
These efforts, in collaboration with industry partners and US utilities, align with stabilizing Ukraine’s electric grid and essential services.
The DOE’s actions, part of an international collective effort, aimed to assess vulnerabilities within Ukraine’s energy system, stabilize global energy markets, and curtail nuclear risks.
Such collaborations underscore the global solidarity in supporting Ukraine amidst the conflict.
Ukraine’s energy facilities are hobbled by Russian attacks, with repairs unfinished and equipment scarce. Now, winter looms.https://t.co/Wx2V3UN2kA
— The New York Times (@nytimes) November 22, 2023
The clandestine delivery of cybersecurity technology to fortify Ukraine’s power grid embodies a significant gesture of support amidst adversity.
The success of this covert operation reflects not only the technological prowess of the involved entities but also their commitment to humanitarian causes.
Adapting Defenses: Lessons from Russian Cyberattacks
Amidst the covert delivery of cybersecurity technology to Ukraine by the US Air Force, years of Russian attacks on Ukraine’s grid have fueled US efforts to bolster defenses and glean vital insights.
Behind the scenes, US officials have been coordinating technology deliveries to fortify Kyiv’s defenses.
The US Department of Defense’s collaboration with SpaceX, as announced in June, to provide Starlink satellite service aims to enhance Ukraine’s connectivity and resilience against potential communication disruptions.
The US has dedicated close to a decade to studying Russian tactics used in attacks on Ukraine’s grid. This serves to support Ukraine’s defense while equipping US power companies to counter similar hacking techniques.
Russian cyber tactics evolved through attacks in 2015 and 2016, prompting US involvement to study and understand these techniques.
Moreover, a recent October 2022 incident involving the GRU targeting a Ukrainian electric facility, which consequently cut power for about 225,000 citizens in the middle of winter, showcased evolving methods and posed challenges in distinguishing between air strikes and hacking-induced outages.
The incident highlighted rapid tool development by the Russian hacking unit, raising concerns about the applicability of these techniques globally. Efforts by US research labs to study the October 2022 hack aim to fortify defenses of the US power grid against evolving cyber threats.
These proactive measures underscore the commitment of US entities to safeguard critical infrastructure, emphasizing the importance of ongoing adaptation to confront evolving cybersecurity challenges globally.
As the conflict persists, efforts such as these illuminate the unwavering determination to safeguard essential services, ensuring the sustenance of life in regions grappling with the harsh realities of war.
While the operation remains shrouded in secrecy, its impact shines brightly as a beacon of hope amid turbulent times, reaffirming the significance of international collaboration in times of crisis.