Inside the Cunning, Unprecedented Hack of Ukraine’s Power Grid
“The hackers who struck the power centers in Ukraine—the first confirmed hack to take down a power grid—weren’t opportunists who just happened upon the networks and launched an attack to test their abilities; according to new details from an extensive investigation into the hack, they were skilled and stealthy strategists who carefully planned their assault over many months, first doing reconnaissance to study the networks and siphon operator credentials, then launching a synchronized assault in a well-choreographed dance.
‘It was brilliant,’ says Robert M. Lee, who assisted in the investigation. Lee is a former cyber warfare operations officer for the US Air Force and is co-founder of Dragos Security, a critical infrastructure security company. ‘In terms of sophistication, most people always [focus on the] malware [that’s used in an attack],’ he says. ‘To me what makes sophistication is logistics and planning and operations and … what’s going on during the length of it. And this was highly sophisticated”