This publication and the abstract below was published by JSIS, University of Washington on OCTOBER 11, 2017. ICIT strongly encourages you to visit the JSIS, University of Washington Publication Library to search for additional information security resources which are freely available.
Cyberattack on Critical Infrastructure: Russia and the Ukrainian Power Grid Attacks
On December 23, 2015, the control centers of three Ukrainian electricity distribution companies were remotely accessed. Taking control of the facilities’ SCADA systems, malicious actors opened breakers at some 30 distribution substations in the capital city Kiev and western Ivano-Frankivsk region, causing more than 200,000 consumers to lose power. Nearly a year later, on December 17, 2016, a single transmission substation in northern Kiev lost power. These instances of sabotage took place on the tail of a political revolution in Kiev, the annexation of Crimea, and amid military clashes in the eastern Donetsk and Luhansk regions.
Governments and cybersecurity companies have attributed the hacks to Russian groups with suspected, although unclear, associations with the Russian government. Russian hackers have a long history of participating in political and military conflicts in Eastern Europe and consistently carry out espionage operations around the world in support of Russian interests.