Did Ukraine power grid hack give Russia an edge?
If Russian hackers did聽shut down swaths of Ukraine鈥檚 power grid last year, as US聽officials聽, it may be just one piece of Moscow's strategy to integrate cyberattacks into future military efforts.
At an Atlantic Council event Thursday, experts said the attack 鈥撀爐he first known digital strike that helped trigger widespread outages 鈥撀爎epresents just one part of Russia's strategy in the Ukraine conflict that has previously included the use of espionage and denial-of-service attacks. The full video of the event is available here.听
Despite concerns that the Ukraine grid attack, which shut power to聽80,000 homes in three separate Ukrainian regions, is a harbinger of more spectacular strikes against critical infrastructure, hackers may not have that ability for some time, say experts.
"In the end, 225,000 people lost power for six hours," said Martin Libicki, senior management scientist at the RAND Corporation. "In PEPCO鈥檚 heyday, they used to be able to do that without even blinking," referring to a Washington-area power supplier.
The panel鈥檚 skepticism about the attack has echoed official assurances about grid resilience against hacks.
On Thursday, Gerry Cauley, president of the North American Electric Reliability Corporation (NERC) 鈥 which assures the reliability of US power 鈥撀爐estified in the House Transportation Committee that cyberattacks could not alone cause a long-term shutdown of the grid. But some experts think聽NERC鈥檚 plan to protect critical infrastructure exempts many small power distributors connected to the grid, leaving the US grid vulnerable to attack.
"If the goal of the bad guys is to shut down the US, they鈥檙e going to try to cut off the power," said Rep. Lou Barletta (R) of Pennsylvania at Thursday's hearing.听
But with Russia and Ukraine both playing down the conflict, experts at Atlantic Council said that another major attack against critical infrastructure is not likely.
"Until Christmas, there was no attempt to carry out a cyber attack against any piece of the critical infrastructure," said RAND Corporation's Mr. Libicki, adding that there鈥檚 "no information at this point that there鈥檚 been a cyberattack against military systems."
In fact, most hacks related to the conflict, which began after pro-Russian militants occupied Crimea in February 2014, have been focused on stealing sensitive data, defacing websites, and denying service to Internet users.
Russian spies have used signals intelligence platforms to gather location data from mobile devices and Wi-Fi networks operated by Ukrainian troops. CyberBerkut, a pro-Russian hacktivist group, has also 聽to breach Ukrainian networks to leak embarrassing data about political figures.听
If Russia did have a hand in the grid hack, which many because of the use of 鈥淏lackEnergy鈥 malware connected to a criminal group with ties to Moscow 鈥 it may have been to confuse adversaries about its use of hacking tactics.
"I think Russia benefits from [cybersecurity] being foggy and mythic and tries to ensure that it鈥檚 foggy and mythic," said Jeffrey Mankoff, a senior fellow at the Center for Strategic and International Studies, adding that the attack on the Ukrainian power grid may have been a signal designed to add to speculation about Russia鈥檚 capabilities.
But because many Russian hackers might be attracted to intelligence work or the lucrative criminal underworld, military cyberattacks may not have much of an impact, said RAND鈥檚 Libicki. "We may have overestimated a lot of what cyberwar can do."
That means that future cyberattacks in the conflict 鈥撀燼nd coming from Russia 鈥撀燾ould fly under the radar. "Lawyers are saying, 'If nobody dies then nobody cares,' " said Kenneth Geers, a nonresident fellow at the Atlantic Council.
