UK could face Ukraine-like cyberattack on its power infrastructure
A cyberattack like that on Ukraine's power utilities could be replicated in the UK, a member of the US team investigating the attack has said. The strike on power grids in December 2015, considered to be the first-known power outage in the country, had left homes in the Ivano-Frankivsk region of Ukraine without electricity for several hours.
"I have been getting interest and calls from the UK, Norway and all over," Robert Lee, an infrastructure specialist at cybersecurity firm the Sans Institute, told BBC, "The answer is yes [they could be vulnerable]."
"The way the Ukrainians set up the grid and type the equipment they are using is also the way a lot of other nations do it," said Lee. He also said the attack could have been worse if the attackers had shut off power to a much wider range. "This was a shot across the bows," he told BBC.
According to a source close to the UK power industry, "given sufficient sophistication and funding", the UK electricity infrastructure could be hacked.
But a spokesperson for the Energy Network Association said cybersecurity was a top priority. The Department for Energy and Change said, "The UK has dedicated cyber experts and teams to keep it protected."
Is UK vulnerable to such an attack?
"A breach is entirely possible," said Eireann Leverett from Cambridge University's Centre for Risk Studies, but added, "There's a lot of people working very hard to stop it."
Meanwhile, Chris Johnson, professor at Glasgow University said some of the control systems used by power distribution companies can be found for sale online. He warned these could be used by hackers, looking for security flaws in systems.
Lee suggested that power providers ensure they can quickly detect attacks when they occur and have dedicated staff to respond to the attack.
In November 2015, Chancellor George Osborne announced an investment of £1.9bn (€2.4bn, $2.6bn) over five years to protect UK from cyberattacks.
"If you add together the spending on core cyber security capabilities, protecting our own networks and ensuring safe and secure online services, the government's total cyber spending will be more than £3.2 billion," said Osborne, "That money by itself is not enough. It supports a national cyber plan.
"The plan consists of five major steps forward in the nation's cyber defence. The most fundamental thing we need to do is defend ourselves online, and we are developing a series of measures to do so more actively," added Osborne.
Cyberattack on Ukraine power stations
According to the findings by the US Department of Homeland Security (DHS), the power outages in Ukraine were a result of cyberattacks at three regional power companies that affected about 225,000 customers in the country.
While DHS did not mention any details about the hackers, Ukraine's energy minister earlier said that hackers carried out the attack using Russian-based internet service providers to communicate among themselves. Cybersecurity firm iSight Partners had also claimed Russian hacking collective Sandworm was behind the power outage in Ukraine.
But it is still not clear whether it was the Russian government or a well-funded non-government team who was behind the strike, Lee said. The attackers began sending phishing emails to Ukraine's power utility companies six month before the attack, through Microsoft Word document. The malware that was used — BlackEnergy 3 — allowed hackers to get access to login credentials and passwords.
The hackers eventually gained access to remotely log into major controls, known as supervisory control and data acquisition (Scada) systems. On 23 December, attackers "remote desk-topped" in the Scada computers and cut power at 17 substations. They also made efforts to ensure the power supplies could not be turned back on.
© Copyright IBTimes 2024. All rights reserved.