The Fraud Examiner

Plunged into Darkness: The Threat of Power Grid Hacking

Mark Blangger  
Research Editor, Association of Certified Fraud Examiners

While a report prepared by the Risk and Infrastructure Science Center indicates that severe weather — like Hurricanes Harvey and Maria — leads the pack when it comes to causes of power outages in the U.S., Mother Nature is not without rivals. Power grids can go down for a number of reasons beyond natural disasters. They often use aging equipment, are prone to human error and can simply malfunction. However, energy hackers are starting to play more of a role in blackouts.


Power grid takedowns

In December 2015, one of the operators at the Prykarpattyaoblenergo control center, which distributes power to some of Ukraine’s 24 regions, was preparing to leave for the day when he noticed his computer’s cursor move across the screen under its own power. The operator watched in disbelief as the cursor deliberately navigated toward buttons that control a regional substation’s circuit breakers, then clicked on a box to open the breakers and take the entire substation offline. When the confirmation dialogue box popped up, the cursor moved effortlessly to the box and clicked to confirm the action. The ghost attacker continued this process until almost 60 substations were taken offline. The operator had no control over the situation. The hacker even logged the operator out and changed his password. The attack left more than 230,000 residents without power.


This attack on Ukraine’s power grid was a first of its kind and well planned. Almost exactly one year later, hackers infiltrated the power grid of the Ukrainian capital, Kiev, knocking out approximately 20% of the city’s nighttime energy consumption.


Were the power grid hacks on Ukraine the perpetrators’ way of showing exactly what they’re capable of doing — to any country?


According to a September 2017 report by USA Today, an organized hacking group has hacked into dozens of U.S. power companies over the past nine months. Symantec discovered the attacks, and its principal research manager, Vikram Thakur, indicated that companies that generate, transmit and distribute power have been the hackers’ focus. Joel Brenner, a senior research fellow at the Massachusetts Institute of Technology, said, “I think preparation for a potential attack is what we’re seeing. And whoever’s doing this . . . want[s] us to know.”

