Electricity is the lifeblood of an economy and a society. On Dec. 23, about half of the 1.4 million homes in Ukraine’s Ivano-Frankivsk region went dark for three hours when multiple electrical substations failed. The blackout appeared to be a rare example of malware being used to switch off an electrical grid.

A cybersecurity firm, iSight Partners, has reported that Russia, which has done much to destabilize Ukraine over the past two years, probably was behind the attack. Much is still unknown about how this might have worked, but it is another ominous reminder that the age of cyberconflict has arrived.

The United States and Israel pioneered the use of malware to damage industrial control systems with the creation of Stuxnet, which caused malfunctions in systems enriching uranium in Iran. Now the ability to misdirect or wreck industrial control systems that are connected to the Internet is spreading. A similar cyberattack was reported to have recently targeted Israel’s electrical grid.

Other cyberattacks have involved stealing intellectual property, such as at Sony Pictures, or scooping up personal data, such as the breaches at Target and Home Depot. But the electrical grid shutdown in Ukraine heralds an altogether different kind of danger, one that can manipulate machines that control industrial equipment, such as power grids and dams, and cause them to behave in dangerous ways.

It is entirely plausible that Russia – either the state or its proxies – carried out such a cyberattack on Ukraine. Russia’s offensive cybercapabilities are growing, as are those of a dozen other countries, including the United States. The Ukraine blackout is a cautionary signal that a new type of destructive conflict is possible – and probable.


Only subscribers are eligible to post comments. Please subscribe or to participate in the conversation. Here’s why.

Use the form below to reset your password. When you've submitted your account email, we will send an email with a reset code.

filed under: