Modern field guide to security and privacy

Did Ukraine power grid hack give Russia an edge?

At an Atlantic Council event Thursday, experts said that a Ukrainian power outage allegedly triggered by Russian hackers may be just a small piece of Moscow's cybersecurity strategy.

Valentyn Ogirenko/Reuters
An employee speaks on the phone inside a switchboard room of the Trypillian thermal power plant, part of Centrenergo company, in Kiev region, Ukraine, February 11, 2016.

If Russian hackers did shut down swaths of Ukraine’s power grid last year, as US officials have claimed, it may be just one piece of Moscow's strategy to integrate cyberattacks into future military efforts.

At an Atlantic Council event Thursday, experts said the attack – the first known digital strike that helped trigger widespread outages – represents just one part of Russia's strategy in the Ukraine conflict that has previously included the use of espionage and denial-of-service attacks. The full video of the event is available here

Despite concerns that the Ukraine grid attack, which shut power to 80,000 homes in three separate Ukrainian regions, is a harbinger of more spectacular strikes against critical infrastructure, hackers may not have that ability for some time, say experts.

"In the end, 225,000 people lost power for six hours," said Martin Libicki, senior management scientist at the RAND Corporation. "In PEPCO’s heyday, they used to be able to do that without even blinking," referring to a Washington-area power supplier.

The panel’s skepticism about the attack has echoed official assurances about grid resilience against hacks.

On Thursday, Gerry Cauley, president of the North American Electric Reliability Corporation (NERC) – which assures the reliability of US power – testified in the House Transportation Committee that cyberattacks could not alone cause a long-term shutdown of the grid. But some experts think NERC’s plan to protect critical infrastructure exempts many small power distributors connected to the grid, leaving the US grid vulnerable to attack.

"If the goal of the bad guys is to shut down the US, they’re going to try to cut off the power," said Rep. Lou Barletta (R) of Pennsylvania at Thursday's hearing. 

But with Russia and Ukraine both playing down the conflict, experts at Atlantic Council said that another major attack against critical infrastructure is not likely.

"Until Christmas, there was no attempt to carry out a cyber attack against any piece of the critical infrastructure," said RAND Corporation's Mr. Libicki, adding that there’s "no information at this point that there’s been a cyberattack against military systems."

In fact, most hacks related to the conflict, which began after pro-Russian militants occupied Crimea in February 2014, have been focused on stealing sensitive data, defacing websites, and denying service to Internet users.

Russian spies have reportedly used signals intelligence platforms to gather location data from mobile devices and Wi-Fi networks operated by Ukrainian troops. CyberBerkut, a pro-Russian hacktivist group, has also attempted to breach Ukrainian networks to leak embarrassing data about political figures. 

If Russia did have a hand in the grid hack, which many suspect because of the use of “BlackEnergy” malware connected to a criminal group with ties to Moscow – it may have been to confuse adversaries about its use of hacking tactics.

"I think Russia benefits from [cybersecurity] being foggy and mythic and tries to ensure that it’s foggy and mythic," said Jeffrey Mankoff, a senior fellow at the Center for Strategic and International Studies, adding that the attack on the Ukrainian power grid may have been a signal designed to add to speculation about Russia’s capabilities.

But because many Russian hackers might be attracted to intelligence work or the lucrative criminal underworld, military cyberattacks may not have much of an impact, said RAND’s Libicki. "We may have overestimated a lot of what cyberwar can do."

That means that future cyberattacks in the conflict – and coming from Russia – could fly under the radar. "Lawyers are saying, 'If nobody dies then nobody cares,' " said Kenneth Geers, a nonresident fellow at the Atlantic Council.

You've read  of  free articles. Subscribe to continue.

Dear Reader,

About a year ago, I happened upon this statement about the Monitor in the Harvard Business Review – under the charming heading of “do things that don’t interest you”:

“Many things that end up” being meaningful, writes social scientist Joseph Grenny, “have come from conference workshops, articles, or online videos that began as a chore and ended with an insight. My work in Kenya, for example, was heavily influenced by a Christian Science Monitor article I had forced myself to read 10 years earlier. Sometimes, we call things ‘boring’ simply because they lie outside the box we are currently in.”

If you were to come up with a punchline to a joke about the Monitor, that would probably be it. We’re seen as being global, fair, insightful, and perhaps a bit too earnest. We’re the bran muffin of journalism.

But you know what? We change lives. And I’m going to argue that we change lives precisely because we force open that too-small box that most human beings think they live in.

The Monitor is a peculiar little publication that’s hard for the world to figure out. We’re run by a church, but we’re not only for church members and we’re not about converting people. We’re known as being fair even as the world becomes as polarized as at any time since the newspaper’s founding in 1908.

We have a mission beyond circulation, we want to bridge divides. We’re about kicking down the door of thought everywhere and saying, “You are bigger and more capable than you realize. And we can prove it.”

If you’re looking for bran muffin journalism, you can subscribe to the Monitor for $15. You’ll get the Monitor Weekly magazine, the Monitor Daily email, and unlimited access to CSMonitor.com.