Reports have emerged that a substation in Pivnichna in the Ukraine, was fully cut off from the main power grid for about 75 minutes late on Saturday 17 December lasting into the early hours of Sunday. As a result, houses and flats of the right bank district of Kyiv and neighbouring areas lost power. Ukrenergo, a Ukrainian energy provider, said “Among the possible causes of failure are considered hacking and equipment malfunction”. Moreno Carullo, Co-Founder and Chief Technical Officer at Nozomi Networks commented below.
Moreno Carullo, Co-Founder and Chief Technical Officer at Nozomi Networks:
“These reports are reminiscent of an attack experienced at a similar time last December that left 225,000 Ukrainians cold at Christmas. Worryingly, if this does prove to be another cyberattack on the Ukrainian grid, it sets an uncomfortable precedent that similar attacks may occur annually at this time of year.
“This recent outage appears to centre at a transmission substation. These are used to transport electricity over long distances, with its primary function to raise/lower and control the voltage, provide power factor correction to protect from overloads, and perform checks to synchronise power flow between two adjacent power systems. A distribution substation is then used, closer to cities, to carry electricity to users. All this equipment (the transmission and the primary distribution substations) are automated and remotely controlled, while smaller ones maybe electromechanically operated and are certainly unsupervised.
“Substations have long been considered a weak point, with respect to cybersecurity, due to their remote location making them difficult to manage and monitor for disruptions. While some are completely disconnected, and are therefore considered safe from cyberattack, others form part of a Smart Grid which means they are part of a fully connected series of systems to allow for improved efficiency of the power grid. However, with Smart Grid connectivity comes increased vulnerability to cyberattacks due to the connected nature of the entire grid.
“As energy providers become the target of possible nation-state actors or terrorists, energy companies are turning to advanced technologies to aid in remote cybersecurity monitoring and anomaly detection at substations and other industrial automation systems. Despite increasing threats, I am optimistic that innovation and implementation of advanced cybersecurity technologies is an important step toward safe and reliable power globally. The Ukrainians would do well to add advanced cybersecurity to their Christmas list this year.”
The opinions expressed in this post belong to the individual contributors and do not necessarily reflect the views of Information Security Buzz.