I’m tired of doing that “welcome to 2016” thing, but here’s another story that doesn’t bode all that well for the new year, this time out of Ukraine:
Highly destructive malware that infected at least three regional power authorities in Ukraine led to a power failure that left hundreds of thousands of homes without electricity last week, researchers said.
The outage left about half of the homes in the Ivano-Frankivsk region of Ukraine without electricity, Ukrainian news service TSN reported in an article posted a day after the December 23 failure. The report went on to say that the outage was the result of malware that disconnected electrical substations. On Monday, researchers from security firm iSIGHT Partners said they had obtained samples of the malicious code that infected at least three regional operators. They said the malware led to “destructive events” that in turn caused the blackout. If confirmed it would be the first known instance of someone using malware to generate a power outage.
“It’s a milestone because we’ve definitely seen targeted destructive events against energy before—oil firms, for instance—but never the event which causes the blackout,” John Hultquist, head of iSIGHT’s cyber espionage intelligence practice, told Ars. “It’s the major scenario we’ve all been concerned about for so long.”
The blackout only lasted a few hours, thankfully (winter in Ukraine is not a good time to be without electricity), but the attack, thought to be the first malware attack ever to take down a power grid, raises some pretty uncomfortable questions. Like, could these hackers (reportedly called “the Sandworm gang,” whom iSIGHT suspects of having ties to Russia) take down the power grid in Kiev? Could they keep the power off for days or more at a time? Can they take down power grids anyplace other than Ukraine?
On the other hand, if Ukraine has taught us anything, it’s that you don’t need nifty hacker skillz to take down a power grid when brute force will do the trick. Power from mainland Ukraine to breakaway Crimea was physically cut in November when saboteurs blew up the pylons holding up the lines, and something similar seems to have happened last week–and Ukraine’s electricity company (Ukrenergo) was planning to cut Crimea off anyway. The rolling blackouts have left Crimean boss Sergey Aksyonov has started openly wishing that he could purge his aides just like Joseph Stalin did, although something tells me it doesn’t take a blackout to get Sergey thinking fondly of Uncle Joe. Moscow is rushing to extend a couple of power lines from Russia into Crimea later this month, but until then the peninsula may be hurting for power, and they won’t fully go onto the Russian grid until later this year.
Hey, thanks for reading! If you come here often, and you like what I do, would you please consider contributing something (sorry, that page is a work in progress) to keeping this place running and me out of debtor’s prison? Also, while you’re out there on the internet tubes, please consider liking this blog’s Facebook page and following me on Twitter! Thank you!
The Foreign Exchanges Companion 
