Ukraine Convinced Russia Hacked Its Power Grid

Daily Caller News Foundation logo
Andrew Follett Energy and Science Reporter
Font Size:

Hackers who attacked Ukraine’s power grid in December used a Russian-based Internet provider and made phone calls from inside the country, according to a Friday statement by Ukraine’s energy ministry.

Ukraine claims the hackers prepared the attack at least six months in advance, and other industrial systems in Ukraine had also been targeted. They prepared using “social engineering.” This technique includes doing simple research, sending fake emails, or just asking for the personal information which secures cyber systems. Most of the power grid was compromised by fake emails from seemingly legitimate sources which were used to infect computers with malware.

When the actual attack was launched, the hackers flooded power companies with fake phone calls, making sure the companies didn’t realize the extent of the outage.

The energy ministry did not directly accuse the Russian government of the attack, but has suspected Russia was behind it since late December.

The incident was the first known cyber-attack to take down an electric grid and one of relatively few attacks which damaged physical infrastructure. It left approximately 700,000 homes without power for several hours Dec. 23, mostly in the Ivano-Frankivsk region of Ukraine.

The attack was probably caused by a well-engineered malware called BlackEnergy which disconnected electrical substations from the main power grid. A similar malware was used against Ukrainian media organizations during the 2015 local elections. The United States Department of Homeland Security twice warned American utilities about the type of malware in December 2014 and again in June 2015.

American utilities, which are relatively well-defended compared to Ukraine’s, reported 13 different cyber break-ins between 2011 and 2014. A single minute of grid downtime can cost up to $15,447, according to analysis.

A Freedom of Information Act request revealed hackers successfully infiltrated the Department of Energy’s (DOE) computer system 159 times between 2010 and 2014. The DOE was targeted 1,131 times over the same period. The National Nuclear Security Administration, a sub-agency within the DOE which secures the country’s nuclear weapons, was hit with 19 successful cyberattacks over those four years.

Infecting industrial systems such as power grids with malware is so simple there are even five-minute YouTube tutorials on how to do it.

Any kind of improper use of electrical or industrial systems can also be disastrous, as demonstrated by the explosion of the Sayano-Shushenskaya hydroelectric dam in Russia in 2009, which killed 75 people and caused an environmental catastrophe. The explosion occurred when a manager improperly accessed the plant remotely.

Follow Andrew on Twitter

Send tips to

Content created by The Daily Caller News Foundation is available without charge to any eligible news publisher that can provide a large audience. For licensing opportunities of our original content, please contact