U.S. power companies warned to bolster defenses after possible Russian cyberattack in Ukraine

U.S. power companies are being warned to harden their computer networks as American intelligence agencies reportedly investigate whether Russia electronically disabled part of Ukraine’s power grid.

The National Security Agency, the Central Intelligence Agency, and the Department of Homeland Security are all reportedly investigating samples of malware found in a Ukrainian power company’s network. The company, Prykarpattyaoblenergo, said on Dec. 23 that its grid in western Ukraine had suffered a major outage, and Ukrainian officials are blaming Russia for the incident.

While the attribution of such attacks is difficult, independent researchers have also linked the malicious computer code, known as BlackEnergy, to Russia.

A DHS spokesman declined to say whether the department was involved in a U.S. investigation of the power outage. A CIA spokesman also declined to comment. The NSA did not respond to a request for comment.

The White House declined to comment on the situation in Ukraine, including to assess whether a cyberattack on Ukraine’s civilian power grid, if verified, would represent an act of war.

If Russia did use cyberspace to disable the power company’s systems, it would represent the first known case of a cyberattack causing a blackout. The international legal implications of such an attack remain unclear.

Meanwhile, the Electricity Information Sharing and Analysis Center, an industry group with ties to the U.S. government, warned American power companies to improve their cyberdefenses to prevent a similar incident on U.S. soil.

E-ISAC’s confidential memo to the power companies suggested that the Ukrainian outage was the work of a “coordinated effort by a malicious actor” and warned the companies to “do a better job” of repelling digital intrusions, according to Reuters, which obtained a copy of the document.

A spokeswoman for the group told Reuters that it did not plan to “modify existing regulations or guidance based on this incident.”

Russian interference in Ukraine began in early 2014, when pro-Russian separatists, backed by Russian military forces, seized the Crimean peninsula. The seizure followed a 2013 uprising that led to the ouster of Ukraine’s pro-Russian president.

Photo via kishjar?/Flickr (CC BY 2.0) | Remix by Jason Reed

Eric Geller

Eric Geller

Eric Geller is a politics reporter who focuses on cybersecurity, surveillance, encryption, and privacy. A former staff writer at the Daily Dot, Geller joined Politico in June 2016, where he's focused on policymaking at the White House, the Justice Department, the State Department, and the Commerce Department.