Since April, more than 700 security experts have been battling a fictional cyber security crisis as part of the EU's biggest defence exercise to date. Featuring power cuts, drones and ransomware, the series of fictional attacks has targeted European digital networks. The seven-month exercise culminates this week, and detailed lessons learned will be shared with participants in the hopes of improving defence systems. Experts have warned that cyber attacks on any number of systems, including satellites and nuclear power station, could result in a global catastrophe. Since April, more than 700 security experts have been battling a fictional cyber security crisis as part of the EU's biggest defence exercise to date (stock image) Cyber Europe 2016 involved over 300 organisations from across 30 countries, with an aim'to safeguard the European Digital Single Market.'
Called the'largest interconnected machine,' the US electricity grid is a complex digital and physical system crucial to life and commerce in this country. Today, it is made up of more than 7,000 power plants, 55,000 substations, 160,000 miles of high-voltage transmission lines and millions of miles of low-voltage distribution lines. This web of generators, substations and power lines is organized into three major interconnections, operated by 66 balancing authorities and 3,000 different utilities. As the grid has become more dependent on computers and data-sharing, it has become more responsive to changes in power demand and better at integrating new sources of energy. But its computerized control could be abused by attackers who get into the systems.
The US Department of Energy (DoE) is planning a "hands-on" test of the real-world consequences associated with successful cyberattacks against core country services. Cyberattacks levied against critical infrastructure, smart grids, and utilities are not a future possibility; but rather, they are happening now. Ukraine's power grid blackout in 2016 was one of the first real indicators that if there are bugs which can be exploited, critical services are just as vulnerable as the average consumer or business to cyberthreats. The malware responsible for the attack in Ukraine -- which caused the city of Kiev to lose power for an hour -- has been dubbed Industroyer by ESET researchers. Industroyer has been dubbed the "biggest threat to industrial control systems since Stuxnet," a worm which was used to compromise an Iranian nuclear facility in 2010.
Just after 2:30 p.m. on Dec. 23, 2015, a freezing day in Western Ukraine, an unknown hacker logged in to the Ivano-Frankivsk's computerized electrical grid control center and, in a few seconds, abruptly shut down all electricity to the area's 225,000 residents. The effects were immediate and far reaching. As night fell, the area plunged into darkness -- no lights, no heat. It was a complete blackout. After about six chaotic hours, electrical workers in the area were finally able to restore power to the region.
Security experts are investigating whether a power outage that affected parts of the Ukrainian capital, Kiev, and the surrounding region this weekend was the result of a cyberattack. If confirmed, it would be the second blackout caused by hackers in Ukraine. The incident affected the automation control systems at the northern power substation near Novi Petrivtsi, a village near Kiev, close to midnight between Saturday and Sunday. This resulted in complete power loss for the northern part of Kiev on the right bank of the Dnieper river and the surrounding region. Engineers from Ukrenergo, Ukraine's national power company, switched the equipment to manual control mode and started restoring power within 30 minutes, said Vsevolod Kovalchuk, acting director of Ukrenergo, in a post on Facebook.