2016 Kyiv cyberattack

A cyberattack happened in the Ukrainian capital Kyiv just before midnight on 17 December 2016, and lasted for just over an hour. [1] The national electricity transmission operator Ukrenergo said that the attack had cut one fifth of the city's power consumption at that time of night. [1]

Attack

The attack affected the electrical substation at Pivnichna, outside the capital. [1] It happened a year after a previous attack on Ukraine's power grid. [1]

Dragos Security concluded that the attack was intended not merely to cause short-term disruption but to cause long-lasting damage that could persist for weeks or months. [2] The attackers had tried to cause physical damage to the station when the operators turned the grid back on. [2] The attack used the Industroyer malware, which has the ability to attack hardware including SIPROTEC protective relays. [2] These protective relays open circuit breakers if they detect dangerous conditions. [2] A security flaw meant that a single packet could put a relay into a state where it would be useless until manually rebooted. [2] Siemens had released a software patch in 2015 to fix the issue, but many relays had not been updated with it. [2]

Evidence from logs obtained by Dragos Security showed that the attackers first opened every circuit breaker in the transmission station, causing a power cut. [2] An hour later they ran wiper malware to disable the station's computers, making it impossible to monitor the station. [2] Finally, the attackers tried to disable four of the station's SIPROTEC protective relays, which the operators would not have been able to detect. [2] Dragos concluded that the attackers intended the operators to re-energise the station equipment while its protection was disabled, which could have injured engineers and damaged equipment. [2] However, the data packets intended for the protective relays were sent to the wrong IP address. [2] The operators may also have brought the station back online faster than the attackers expected. [2]
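The sequence above suggests two signals a substation network monitor can watch for: one host issuing breaker-open commands to many breakers in a short window, and any traffic into the protective-relay segment from a host that is not supposed to talk to relays. The following is an added example written for this page; it is not code from the article, from Dragos, or from Ukrenergo. The network layout, addresses, hosts, action names and log format are all hypothetical, and the log lines are constructed. Because the real relay packets were sent to the wrong IP address, the second rule deliberately matches on the whole relay segment rather than on a list of known relay addresses, so a mis-addressed attempt is still visible.

```python
import ipaddress
from collections import defaultdict, deque
from datetime import datetime, timedelta

# Hypothetical network layout (an assumption, not the real station's):
#   10.0.1.0/24  control-room HMI and engineering hosts
#   10.0.2.0/24  breaker controllers
#   10.0.3.0/24  protective relays
RELAY_SEGMENT = ipaddress.ip_network("10.0.3.0/24")
# Only the engineering workstation is expected to talk to relays.
ALLOWED_RELAY_SOURCES = {ipaddress.ip_address("10.0.1.5")}
# This many distinct breakers opened by one host inside the window is treated
# as a mass-open event rather than routine switching.
MASS_OPEN_THRESHOLD = 3
MASS_OPEN_WINDOW = timedelta(seconds=60)

# Constructed sample log. Format: "<ISO timestamp> <src> <dst> <action>".
SAMPLE_LOG = """\
# routine switching from the HMI earlier in the evening
2016-12-17T22:30:00Z 10.0.1.5  10.0.2.21 breaker_open
2016-12-17T22:31:00Z 10.0.1.5  10.0.2.21 breaker_close
# a host that should never issue commands opens every breaker within seconds
2016-12-17T23:52:01Z 10.0.1.10 10.0.2.21 breaker_open
2016-12-17T23:52:01Z 10.0.1.10 10.0.2.22 breaker_open
2016-12-17T23:52:02Z 10.0.1.10 10.0.2.23 breaker_open
2016-12-17T23:52:02Z 10.0.1.10 10.0.2.24 breaker_open
# legitimate relay maintenance traffic from the engineering workstation
2016-12-18T00:10:00Z 10.0.1.5  10.0.3.1  relay_mgmt
# the rogue host sends a packet into the relay segment, to an address that is
# not even a relay: the segment-wide rule still catches it
2016-12-18T00:55:10Z 10.0.1.10 10.0.3.9  relay_mgmt
"""


def parse_line(line):
    """Parse one log line into (timestamp, src, dst, action)."""
    ts, src, dst, action = line.split()
    return (datetime.strptime(ts, "%Y-%m-%dT%H:%M:%SZ"),
            ipaddress.ip_address(src), ipaddress.ip_address(dst), action)


def analyse(lines):
    """Return a list of (alert_type, source_ip, timestamp) tuples."""
    alerts = []
    recent_opens = defaultdict(deque)   # src -> deque of (ts, breaker) in window
    mass_open_reported = set()          # sources already reported once
    for raw in lines:
        line = raw.strip()
        if not line or line.startswith("#"):
            continue
        ts, src, dst, action = parse_line(line)

        # Rule 1: one host opening many distinct breakers in a short window.
        if action == "breaker_open":
            window = recent_opens[src]
            window.append((ts, dst))
            while ts - window[0][0] > MASS_OPEN_WINDOW:
                window.popleft()
            distinct = {breaker for _, breaker in window}
            if len(distinct) >= MASS_OPEN_THRESHOLD and src not in mass_open_reported:
                mass_open_reported.add(src)
                alerts.append(("mass_breaker_open", str(src), ts))

        # Rule 2: any packet into the protection segment from a host that is
        # not allow-listed, regardless of whether the destination is a relay.
        if dst in RELAY_SEGMENT and src not in ALLOWED_RELAY_SOURCES:
            alerts.append(("unexpected_relay_segment_traffic", str(src), ts))
    return alerts


def run_sample():
    """Run the detector over the constructed log."""
    return analyse(SAMPLE_LOG.splitlines())


if __name__ == "__main__":
    for alert_type, src, ts in run_sample():
        print(f"{ts.isoformat()} {alert_type} from {src}")
```

On the constructed log this raises exactly two alerts, both against the rogue host: the mass breaker-open at the third distinct breaker, and the packet into the relay segment. The routine HMI switching and the engineering workstation's relay maintenance produce nothing. In a real deployment the allow-list and thresholds would come from the station's engineering baseline, and the alerts would feed the operators' view precisely because the relay tampering described above was designed to be invisible from the HMI.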

Related Research Articles

SCADA is a control system architecture comprising computers, networked data communications and graphical user interfaces for high-level supervision of machines and processes. It also covers sensors and other devices, such as programmable logic controllers, which interface with process plant or machinery.

Circuit breaker (automatic circuit protection device)

A circuit breaker is an electrical safety device designed to protect an electrical circuit from damage caused by overcurrent. Its basic function is to interrupt current flow to protect equipment and to prevent the risk of fire. Unlike a fuse, which operates once and then must be replaced, a circuit breaker can be reset to resume normal operation.

Electrical substation (part of an electrical transmission and distribution system)

A substation is a part of an electrical generation, transmission, and distribution system. Substations transform voltage from high to low, or the reverse, or perform any of several other important functions. Between the generating station and consumer, electric power may flow through several substations at different voltage levels. A substation may include transformers to change voltage levels between high transmission voltages and lower distribution voltages, or at the interconnection of two different transmission voltages. They are a common component of the infrastructure. There are 55,000 substations in the United States.

Earth-leakage circuit breaker (electrical safety device)

An earth-leakage circuit breaker (ELCB) is a safety device used in electrical installations with high Earth impedance to prevent shock. It detects small stray voltages on the metal enclosures of electrical equipment, and interrupts the circuit if a dangerous voltage is detected. Once widely used, they have been superseded in more recent installations by residual-current devices, which detect leakage current directly.

Kill switch (safety mechanism to quickly shut down a system)

A kill switch, also known more formally as an emergency brake, emergency stop (E-stop), emergency off (EMO), or emergency power off (EPO), is a safety mechanism used to shut off machinery in an emergency, when it cannot be shut down in the usual manner. Unlike a normal shut-down switch or shut-down procedure, which shuts down all systems in order and turns off the machine without damage, a kill switch is designed and configured to abort the operation as quickly as possible and to be operated simply and quickly. Kill switches are usually designed to be noticeable, even to an untrained operator or a bystander.

Recloser

In electric power distribution, automatic circuit reclosers (ACRs) are a class of switchgear designed for use on overhead electricity distribution networks to detect and interrupt transient faults. Also known as reclosers or autoreclosers, ACRs are essentially rated circuit breakers with integrated current and voltage sensors and a protection relay, optimized for use as a protection asset. Commercial ACRs are governed by the IEC 62271-111/IEEE Std C37.60 and IEC 62271-200 standards. The three major classes of operating maximum voltage are 15.5 kV, 27 kV and 38 kV.

Switchgear (control gear of an electric power system)

In an electric power system, a switchgear is composed of electrical disconnect switches, fuses or circuit breakers used to control, protect and isolate electrical equipment. Switchgear is used both to de-energize equipment to allow work to be done and to clear faults downstream. This type of equipment is directly linked to the reliability of the electricity supply.

In electric power distribution and transmission, a Buchholz relay is a safety device mounted on some oil-filled power transformers and reactors, equipped with an external overhead oil reservoir called a "conservator".

Power-system automation is the act of automatically controlling the power system via instrumentation and control devices. Substation automation refers to using data from Intelligent electronic devices (IED), control and automation capabilities within the substation, and control commands from remote users to control power-system devices.

Power system protection is a branch of electrical power engineering that deals with the protection of electrical power systems from faults through the disconnection of faulted parts from the rest of the electrical network. The objective of a protection scheme is to keep the power system stable by isolating only the components that are under fault, whilst leaving as much of the network as possible in operation. The devices that are used to protect the power systems from faults are called protection devices.

Arc flash (heat and light produced during an electrical arc fault)

An arc flash is the light and heat produced as part of an arc fault, a type of electrical explosion or discharge that results from a connection through air to ground or another voltage phase in an electrical system.

Electric power system (network of electrical components deployed to generate, transmit and distribute electricity)

An electric power system is a network of electrical components deployed to supply, transfer, and use electric power. An example of a power system is the electrical grid that provides power to homes and industries within an extended area. The electrical grid can be broadly divided into the generators that supply the power, the transmission system that carries the power from the generating centers to the load centers, and the distribution system that feeds the power to nearby homes and industries.

A dispatcher training simulator (DTS), also known as an operator training simulator (OTS), is a computer-based training system for operators of electrical power grids. It performs this role by simulating the behaviour of the electrical network forming the power system under various operating conditions, and its response to actions by the dispatchers. Student dispatchers may therefore develop their skills from exposure not only to routine operations but also to adverse operational situations without compromising the security of supply on a real transmission system.

A cyberattack is any offensive maneuver that targets computer information systems, computer networks, infrastructures, personal computer devices, or smartphones. An attacker is a person or process that attempts to access data, functions, or other restricted areas of the system without authorization, potentially with malicious intent. Depending on the context, cyberattacks can be part of cyber warfare or cyberterrorism. A cyberattack can be employed by sovereign states, individuals, groups, societies or organizations and it may originate from an anonymous source. A product that facilitates a cyberattack is sometimes called a cyber weapon. Cyberattacks have increased over the last few years. A well-known example of a cyberattack is a distributed denial of service attack (DDoS).

The vulnerability of nuclear plants to deliberate attack is of concern in the area of nuclear safety and security. Nuclear power plants, civilian research reactors, certain naval fuel facilities, uranium enrichment plants, fuel fabrication plants, and even potentially uranium mines are vulnerable to attacks which could lead to widespread radioactive contamination. The attack threat is of several general types: commando-like ground-based attacks on equipment which if disabled could lead to a reactor core meltdown or widespread dispersal of radioactivity; external attacks such as an aircraft crash into a reactor complex, or cyber attacks.

Aurora Generator Test (physical experiment about cyberattacks)

Idaho National Laboratory ran the Aurora Generator Test in 2007 to demonstrate how a cyberattack could destroy physical components of the electric grid. The experiment used a computer program to rapidly open and close a diesel generator's circuit breakers out of phase from the rest of the grid, thereby subjecting the engine to abnormal torques and ultimately causing it to explode. This vulnerability is referred to as the Aurora Vulnerability.

On December 23, 2015, the power grid in two western oblasts of Ukraine was hacked, which resulted in power outages for roughly 230,000 consumers in Ukraine for 1-6 hours. The attack took place during the ongoing Russo-Ukrainian War (2014-present) and is attributed to a Russian advanced persistent threat group known as "Sandworm". It is the first publicly acknowledged successful cyberattack on a power grid.

2017 Ukraine ransomware attacks (series of powerful cyberattacks using the Petya malware)

A series of powerful cyberattacks using the Petya malware began on 27 June 2017 that swamped websites of Ukrainian organizations, including banks, ministries, newspapers and electricity firms. Similar infections were reported in France, Germany, Italy, Poland, Russia, United Kingdom, the United States and Australia. ESET estimated on 28 June 2017 that 80% of all infections were in Ukraine, with Germany second hardest hit with about 9%. On 28 June 2017, the Ukrainian government stated that the attack was halted. On 30 June 2017, the Associated Press reported experts agreed that Petya was masquerading as ransomware, while it was actually designed to cause maximum damage, with Ukraine being the main target.

Industroyer is a malware framework considered to have been used in the cyberattack on Ukraine's power grid on December 17, 2016. The attack cut off power to a fifth of Kyiv, the capital, for one hour and is considered to have been a large-scale test. The Kyiv incident was the second cyberattack on Ukraine's power grid in two years; the first occurred on December 23, 2015. Industroyer is the first known malware specifically designed to attack electrical grids. At the same time, it is the fourth malware publicly revealed to target industrial control systems, after Stuxnet, Havex, and BlackEnergy.

Sandworm (hacker group) (Russian hacker group)

Sandworm is an advanced persistent threat operated by Military Unit 74455, a cyberwarfare unit of the GRU, Russia's military intelligence service. Other names for the group, given by cybersecurity researchers, include Telebots, Voodoo Bear, IRIDIUM, Seashell Blizzard, and Iron Viking.

References

  1. "Ukraine power cut 'was cyber-attack'". BBC News. 2017-01-11. Retrieved 2022-07-07.
  2. Greenberg, Andy (2019-09-12). "New Clues Show How Russia's Grid Hackers Aimed for Physical Destruction". Wired. Archived from the original on 2019-09-13. Retrieved 2022-07-07.