In early January, 80,000 people lost power, following a well planned and coordinated attack on the Ukraineโs power grid.
This represents the first successful attack on a nationโs Critical Infrastructure and, considering the volume of known compromises of SCADA systems, ushers in a new era of cyber warfare.
Initial reports attribute the attack on the seven Ukranian power stations, which wiped out power for 6 hours, to Russia: arguably, this atta was so well planned and executed that only the resources of a nation state were sufficient for success; certainly Russia has both the capability and political motivation.
As well as the initial impact, the attack also wiped systems to delay Ukraineโs ability to restore power. Whilst the infamous Stuxnet targeted the centrifuges of the Iranian nuclear programme and thereโs a parallel with attacking the SCADA* systems of the Ukranian power grid, the attack on Iran (and subsequent unsuccessful US Stuxnet attack on North Korea), these didnโt have the capacity to affect the countryโs population directly via its โCritical Infrastructureโโโโi.e. the underlying requirements of the entire country, disruption of which threatens lives or operation of the nation.
UPDATE: Ukrainian Airports are on alert, following discovery of the same BlackEnergy Malware on a system at the countryโs largest airport.
*SCADA (supervisory control and data acquisition) are specialised systems which typically control industrial and manufacturing plant systems and processes. Theyโre often isolated networks which arguably shouldnโt be connected to public networks for security reasons, however this distinction is becoming increasingly difficult in a fundamentally connected world.