Ukraine power cut: Investigation concludes cyber attack was to blame

Is Ukraine a testing ground for cyber attacks that could be deployed globally?

An investigation into a freak power outage in Ukraine in December has concluded that the cause was a cyber attack, as originally suspected. The outage left people in parts of Kyiv without power for just over an hour.

The attack on the Pivnichna substation in the Kyiv suburbs was one of a series on the power infrastructure of Ukraine in recent years as the nation battles separatists in the east of the country. It has been blamed on neighbouring Russia, although the finger of suspicion had already been pointed in that direction back in December.

The latest attack focused on a local transmission facility, rather than a distribution facility, reported Motherboard.

Security researchers in Ukraine believe the same group have been behind all of the attacks, and may also have been behind cyber attacks on other targets in Ukraine in the public and commercial sectors. The national railway system and the Ministry of Finance were also targeted at about the same time, reports Motherboard.

Security companies have rushed to comment on news of the report.

"The Ukrainian Power Grid has been struck again by cyber bad guys in part because it seems they are using it as a test for bigger things later and in part because the attack was so subtle that nothing could likely have stopped it," said Jonathan Sander, vice president of product strategy at Lieberman Software.

He continued: "The only time the attack could have been thwarted was at the very start when they stole administrative credentials.

"Once they had the high-level access with the admin rights, then they were able to sit, watch, study, and formulate a phishing attack so real that no one could resist it. That type of spear-phishing only works when you have the intelligence from the inside to craft it just right."