Sign in / up

back to article Energy firm points to hackers after Kiev power outage

A cyber attack is suspected in connection with an outage of the Ukrainian power grid that affected homes around Kiev last weekend. A substation in Pivnichna was cut off from the main power grid for about 75 minutes late on Saturday 17 December, lasting into the early hours of Sunday. As a result, houses and flats of the right …

COMMENTS

Post your comment
House rules Send corrections
Add to 'My topics' unstar *
  1. Anonymous Coward
    Facepalm

    Why is the substation connected to the internet?

    You would have hoped that some basic thought on cybersecurity would have ensured that the power substation is not connected to the internet. If the power company actually needed remote access to the sub-station's equipment then it would have used dedicated network links, or (at the very least) an encrypted connection terminating in a firewall that rejects all other traffic (preferably supported by device-specific firewalls that only accept network connections from a white-listed set of network addresses).

    Come on guys, this is not rocket science!

    18 0 Reply
    1. Jess--
      Reply Icon

      Re: Why is the substation connected to the internet?

      they probably got a good deal on powerline ethernet adaptors

      15 0 Reply
    2. Brian Miller
      Reply Icon

      Re: Why is the substation connected to the internet?

      Why? Because there's too much data for a modem connection, and it's too expensive or inconvenient for dedicated lines.

      Hooking things up correctly to world+dog+hackers has been established for a long time. Unfortunately, as is seen repeatedly, e.g., Bangladesh, a numpty was having fun with the wires. Firewall? Don't need it. VNC with no password? No problem. Rules for iptables? We don't need no stinkin' rules! Again and again and again, it's the same thing.

      Yes, there is more than enough talent and knowledge to fix the problems. However, applying it is its own problem.

      1 0 Reply
      1. Anonymous Coward
        Reply Icon
        Anonymous Coward

        Re: Why is the substation connected to the internet?

        "Because there's too much data for a modem connection"

        Is there? On what planet? Please justify, including real world examples, bearing in mind that many readers are connected via LV/MV substations with zero telemetry, where fault notification to the distribution company is courtesy of the first customer who phones in to say their power is off, and the distribution company then wait to see who else calls in before they have a clue about the extent of the outage.

        The idea of VNCing in to a smalltime substation is just unbelievably wrong in so many ways.The cost of the compute power and even (in most places) the comms would be near negligible, if people were engaging brains before deploying Window boxes everywhere.

        In a joined up world where paperpushers were extinct and engineers with vision were in charge, smartmeters could have helped with voltage monitoring and outage notification, especially so if near-universal cellphone coverage had been a costed part of the plan. Not a chance in reality of course.

        Back to reality: what live data from a typical small scale LV/MV substation needs to be polled more than once a minute or so? Monitoring of fast changes at substations *could* be done with a tiny bit of local intelligence and local storage and (again) reporting on a tiimescale of minutes.

        "there is more than enough talent and knowledge to fix the problems. However, applying it is its own problem."

        Indeed. It's not going to improve while the cost of failure is routinely passed straight through to the customer - where's the motivation to get things right?

        1 0 Reply
  2. createahandletheysay

    The installed a smart meter

    6 0 Reply
  3. Yesnomaybe

    A serious threat.

    Hacking these systems is a really good way of inflicting a lot of damage. I'm not saying this example IS an attack. But it is an obvious target.

    I'm not a doomsday-prepper. But I do have a small generator sitting ready in the garage in case of power-cuts (for whatever reason, the UK's power-generation infrastructure is seriously short on spare capacity)

    If the power goes, the central heating system won't work. So I have bought a small 4-stroke generator/inverter to power the essentials at home if and when it happens here.

    3 0 Reply
    1. lglethal Silver badge
      Reply Icon
      Trollface

      Re: A serious threat.

      I follow the much cheaper Option. If the power goes here, I head to the Pub. Even if the Pub has no power, they can still sell bottles of various tipples, and drinking enough of those will do the job of keeping me warm! :P

      4 0 Reply
      1. Commswonk
        Reply Icon

        Re: A serious threat.

        Even if the Pub has no power, they can still sell bottles of various tipples...

        Have you checked stress tested your "best laid plan"? Your chosen hostelry may not have any candles (or other emergency lighting) and if their cash register is not battery backed they might be reluctant to fall back on to loose change in a cardboard box. The staff might not even be able to remember what individual drinks actually cost as the cash register (just as likely to be a PC with a touch screen these days) probably tells them automatically.

        I'd hate you to repair to the pub only to find it closed.

        Sales opportunity: try selling them a decent UPS.

        6 0 Reply
    2. Destroy All Monsters Silver badge
      Reply Icon

      Re: A serious threat.

      Hacking these systems is a really good way of inflicting a lot of damage. I'm not saying this example IS an attack. But it is an obvious target.

      A better way of inflicting a lot of damage is waltzing in with a few pounds of C4.

      0 0 Reply
      1. Anonymous Coward
        Reply Icon
        Anonymous Coward

        Re: A serious threat.

        "a few pounds of C4."

        C4 may well be sufficient, but it is definitely not necessary.

        If a few small teams (3? maybe 2?) a few miles apart can co-ordinate their work, all that is needed to achieve the same result as the C4 (assuming your process is similar to the one I have in mind) is a few half decent tool shops (hire or purchase, take your pick). and some tools which are so common that they may even be readily available untraceably without needing a shop.

        Keep calm and stock up on LED lighting. And maybe camping cookers. You know it makes sense.

        3 0 Reply
    3. Martin an gof Silver badge
      Reply Icon
      Boffin

      Re: A serious threat.

      I have bought a small 4-stroke generator/inverter to power the essentials at home

      During one of our fairly frequent power cuts I tried keeping the boiler going using a cheap computer UPS. Here's a tip - the synchronous motor in the central heating pump doesn't like a "modified sine wave". Next time I'll try using my slightly less-cheap "pure sine wave" UPS and see how that copes.

      Mind you, a couple of winters ago the flippin gas was cut off due to the regulator supplying the village freezing. Never had that before.

      For those who like to keep an eye on these things and prepare themselves, National Grid not only offers a real time plot of grid frequency (requires Flash) which can give you an indication of load, but also allows you to sign up for automated capacity notices where, if I understand it correctly, you get a notice when the available margin of generation above actual demand falls below a set threshold. It's designed to warn those able to increase that margin to get ready to do so.

      For the rest of us who just like numbers and graphs, don't forget the excellent Gridwatch. The mouse-over tooltips are well worth reading.

      M.

      2 0 Reply
  4. Anonymous Coward
    Anonymous Coward

    Why is the substation connected to the internet?

    Maybe it isn't. But far better to tell the Ukrainian government that the mongo powercut it is the Russkies fault for hacking a switching station than 'fess up "It was us, we're a bunch of under-investing bunglers".

    And longer term, if the government can be persuaded of this then everybody's happy: Government get to blame Russia for yet another thing, the power company will be delighted that government agree all the power infrastructure needs hardening - more money to spend and make a return on, more loot to skim or steal outright, more juicy contracts to funnel to your mates....

    The only losers are the Ukrainian proles. Even the Russian's benefit, because they seem to be revelling in the status of international bag guys (if I was Putin, I certainly would be). Moving swiftly off topic, I was rather amused to see the BBC claiming that Russia was "deliberately allowing European jihadists in Syria to go free in order to bring terrorism back to the EU". If Russia carpet bombs Syria it is at fault. If it summarily executes suspected jihadis, it is at fault. If it lets them go it is at fault (apparently there's no blame on the Western nations for failing to integrate minorities, turning a blind eye when thousands of suspects "go on holiday to Turkey", and then allowing them back). And of course, Trump is Russia's fault.

    I suggest we blame Russia for climate change, globalisation, poverty in Africa, drugs, and child abuse. Perhaps Mrs May should take the BBC's lead, and establish a Department of Blaming Everything on Russia.

    11 9 Reply
    1. Schnoerkelman
      Reply Icon

      I hope you've noticed that there are a few points on the line between carpet bombing, summary execution and letting them walk. Clearly the thermonuclear option is the simplest but perhaps not always the best.

      As to being connected, "Smart Grid connectivity" doesn't imply Internet connectivity (notice the use of capitalization to indicate proper names). Iran's control systems were not connected to the Internet but still caught a cold.

      Finally, "a -1˚C maximum and a -9˚C minimum" doesn't count a cold in them there parts (nor in Nebraska).

      5 1 Reply
      1. Robert Helpmann??
        Reply Icon
        Childcatcher

        "Smart Grid connectivity" doesn't imply Internet connectivity

        Yes, but you can bet that someone has in fact connected the power system to the internet so they can monitor their job from home using some random crap they cobbled together after a quick Google search thereby rendering the "Smart Grid" about as intelligent as a box of rocks.

        4 1 Reply
        1. RyszrdG
          Reply Icon

          Re: "Smart Grid connectivity" doesn't imply Internet connectivity

          ..of course it could never happen in the UK..

          3 0 Reply
    2. Rich 11
      Reply Icon

      Lay off the vodka, tovarisch.

      2 0 Reply
      1. Anonymous Coward
        Reply Icon
        Anonymous Coward

        You made me spill my Borscht!

        Seriously, it could have been Moose and Squirrel. Those guys are spies, saboteurs, and known mooseberry traffickers!

        2 0 Reply
    3. Anonymous Coward
      Reply Icon
      Anonymous Coward

      Re: Government get to blame Russia

      Why singlular? I have no idea how many governments have ruled Ukraine since the dissolution of the Soviet Union but they seem to have in common the unwillingness to invest even in maintenance. Be it the gas pipe or the electricity grid it does not matter. If the equipment was built by the Soviet "Risskies" back in the 70's or 80's, and hasn't seen maintenance since, the fault is clearly with them.

      2 0 Reply
  5. Stevie

    Bah!

    Makes you wonder how the job ever got done before there was an internet, dunnit?

    2 0 Reply
    1. Rich 11
      Reply Icon

      Re: Bah!

      It was done by blokes trained to recognise problems and given a van to go check up on hardware every now and again. But then their wages became an obviously unnecessary expense draining profit from the deserving shareholders, so they had to go.

      10 0 Reply
      1. Anonymous Coward
        Reply Icon
        Anonymous Coward

        Re: Bah!

        @Rich 11

        "It was done by blokes trained to recognise problems and given a van to go check up on hardware every now and again."

        And for a period of time it could also be adequately done remotely if necessary, by investing [1] in telemetry kit which was capable of doing its job using low data rate connectivity, e.g. the kind of thing which could be polled every few seconds over an RF modem (and/or, where applicable, a more traditional modem on a private wire or PSTN line).

        You could still do that kind of thing today over the cellular networks, if need be.

        Except for one little snag: the cellular network coverage isn't anything like good enough. Still, the markets will sort it, won't they.

        [1] I know, I know: privatised utilities and other corporate cartels (e.g. the cellcos) don't have that word in their dictionaries.

        2 0 Reply
  6. Alister
    Facepalm

    Worryingly, if this does prove to be another cyberattack on the Ukrainian grid, it sets an uncomfortable precedent that similar attacks may occur annually at this time of year.”

    Well yes, whilst ever you don't disconnect it from the Internet...

    2 0 Reply
  7. phil 27

    Pay for out of band comms links...

    1 0 Reply
  8. Destroy All Monsters Silver badge
    Trollface

    Meanwhile, in the Empire

    According to sources not only Russia, but also China and Iran may have had their hands in what can only be described as the Great Electoral Rape And Democracy Destruction Extravaganza of 2016. (Why not North Korea and possibly Maduro? That would at least complete the Axis of Evil lineup.)

    [Senate Majority Leader Mitch McConnell]l said the issue should be investigated in “regular order” by the Senate intelligence panel, which is “fully capable of handling this.”

    McConnell’s comments put him at odds with Arizona Sen. John McCain and other Republicans who have joined with incoming Senate Democratic leader Chuck Schumer in calling for a special committee to investigate efforts by Russia, China and Iran to interfere in U.S. elections....

    McCain, chairman of the Senate Armed Services Committee, said Russian interference in the election threatens to “destroy democracy,” adding that a select committee is needed to find out exactly what Russia did and what effect it had on the election.

    “We need to get to the bottom of this,” McCain said. “We need to find out exactly what was done and what the implications of the attacks were, especially if they had an effect on our election.”

    He said: “There’s no doubt they were interfering and no doubt that it was cyberattacks. The question now is how much and what damage and what should the United States of America do? And so far, we have been totally paralyzed.”

    0 0 Reply

POST COMMENT House rules

Not a member of The Register? Create a new account here.

Forgotten password ?

  • Enter your comment

  • Add an icon

Anonymous cowards cannot choose their icon