Hackers cause Ukrainian power cut - a reminder cyber attacks will become more dangerous in 2016

Ukrainian power outage 'sparked' by email-borne malware makes Ashley Madison hack seem trivial

If 2015 was a bad year for cyber security scares, then the very first high-profile incident to be reported in 2016 seems to demonstrate that this year could be even worse.

Incidents such as the Ashley Madison hack, the JD Wetherspoon data breach and the TalkTalk hack were bad, but the services those companies provide arguably can't be classed as critical infrastructure, vital to people's everyday lives.

However, over the Christmas period around half of the homes in the Ivano-Frankivsk region of Ukraine - a region with a population of 1.4 million people - were left without electricity following a cyber attack against the Prykarpattyaoblenergo power company.

Local press attributed the power cut to the activities of hackers targeting infrastructure with malware, which disconnected electricity supplies, leaving hundreds of thousands of people in the dark in the dead of winter.

According to researchers at anti-virus and malware protection software company ESET, the attack on the electricity supplies of Ivano-Frankivsk wasn't an isolated incident, with other energy companies throughout Ukraine targeted by cyber criminals at the same time.

If every attack had been successful, the repercussions could have been catastrophic.

Researchers suggest that the power cut was caused by 'BlackEnergy', a form of malware that can make infected systems unbootable by means of what's known as the KillDisk trojan.

It's a particularly vicious form of malware, which ESET suggests probably infiltrated the systems of the electricity distribution company after a user was duped into double-clicking on an attachment in a phishing email - a form of attack that is becoming ever more sophisticated.

While at this time it isn't known who, exactly, the perpetrators of this cyber attack were, Ukraine's intelligence agencies have blamed the incident on Russia.

Matthias Maier, technical evangelist at IT cloud services company Splunk, told Computing that the Ukrainian power cut demonstrated how cyber attacks are becoming harder to prevent, and that the incident should serve as a warning to others to segregate their networks to curtail the possibility of a large-scale outage.

"Cyber attacks on networks and infrastructure are becoming increasingly difficult to prevent. The key is having the right response measures in place to stifle the impact of malicious and highly destructive assaults," said Maier.

"It should be common practice to segregate networks, and having white-listing technology in place, rather than just anti-virus software, will allow only authorised actions to run," he added.

Maier also argued that "networks should be supported by constant monitoring protocols that recognise the anomalies which indicate potentially threatening behaviour", because "if a misconfiguration is made by accident, or malicious code is knocking at the door of a network, protection strategies of this kind can significantly reduce the risk of system outages through cyber attacks".

He continued: "Companies need to adapt to manage an increasingly complex threat surface", and warned that the rise of the so-called Internet of Things and connected devices will create a particular challenge for cyber security systems.

"This is especially true in 2016 as more and more internet-connected systems create opportunities for physical damage of assets above and beyond traditional hardware and software disruption," he said.

If the idea of hackers having the power to cause a power cut isn't worrying enough, security experts have warned that Trident nuclear weapons systems could be rendered useless by a cyber attack.