Two weeks ago, an attack sent darkness over the western part of Ukraine.
The attack was caused by hackers who found a way to get malware into three operation centers causing transmission lines to overload and fail leaving 80,000 customers of Prykarpattyaoblenergo utility without electricity for six hours.
Stephen Cobb, security researcher at Bratislava-based security company ESET, said it was not the actual malware that caused the blackout, but a result of what people can do with it.
“The malware gave the attackers control. The malware itself didn’t carry out, didn’t execute the power outage or cut the switch. This kind of Trojan code once it’s on there can be used to do all kinds of things with the system that it has compromised,” Cobb said.
He said even though power companies in the U.S. have well developed technology, they are still susceptible to this kind of an attack.
“One would like to think in the United States, power companies here have taken their systems beyond the point where this can happen, but I wouldn’t necessarily bet on it,” Cobb said. “The power of a phishing attack is still very strong. It only takes one person to click on the wrong thing.”
He also said people working in those facilities know what they are up against.
“People who work at power companies, I would say, are painfully aware of the threat level and have been working very hard in recent years to improve their security,” Cobb said.
Additional production by Praveen Sathianathan.
Marketplace is on a mission.
We believe Main Street matters as much as Wall Street, economic news is made relevant and real through human stories, and a touch of humor helps enliven topics you might typically find…well, dull.
Through the signature style that only Marketplace can deliver, we’re on a mission to raise the economic intelligence of the country—but we don’t do it alone. We count on listeners and readers like you to keep this public service free and accessible to all. Will you become a partner in our mission today?