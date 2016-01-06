BOSTON Jan 6 A quasi-governmental U.S. electric
industry group last week advised members to review network
defenses following reports that 80,000 customers of a Western
Ukraine utility lost power for six hours following a cyber
attack.
The Electricity Information Sharing and Analysis Center, or
E-ISAC, urged members to "do a better job" at implementing
multiple layers of defense against potential cyber attacks,
saying the incident at Ukraine's Prykarpattyaoblenergo
electricity provider appeared to be the result of a "coordinated
effort by a malicious actor."
The nine-page confidential document, reviewed by Reuters,
did not identify deficiencies in the U.S. grid that could lead
to similar attacks.
Security experts said businesses in many sectors were
closely following the Ukraine incident because it was a
watershed event: the first known cyber attack to take down an
electric grid. It was also one of just a handful of known cyber
attacks that have damaged any kind of physical infrastructure.
Kimberly Mielcarek, a spokeswoman for E-ISAC, said that the
organization would continue to provide more data as it pursued
an investigation with help of the federal government.
"There is no credible evidence that the incident could
affect North American grid operations and no plans to modify
existing regulations or guidance based on this incident," she
said in an emailed statement.
Prykarpattyaoblenergo reported an outage on Dec. 23.
Ukraine's SBU state security service blamed Russia and the
energy ministry set up a commission to investigate. A ministry
spokesman said on Wednesday that the results will not be
released until after Jan. 18.
The Kremlin has not responded to requests for comment.
The U.S. Central Intelligence Agency, Department of Homeland
Security, Federal Bureau of Investigation and White House
National Security Council all declined to comment on efforts to
probe the incident.
The E-ISAC report identified systems integrator Galician
Computer Co as having worked for Prykarpattyaoblenergo and two
other utilities that were reported to have been targeted in the
attack but did not experience outages: Chernivtsioblenergo and
Kyivoblenergo.
"The integrator is the single point of connection between
various regional electrical entities in the Ukraine that were
exposed to this attack," the report said.
Galician Computer Co told Reuters via email that it had
provided software to only one of the three firms and was not
involved in running any of the plants.
"According to reports from employees at that regional power
firm, attacks were definitely carried out and led to blackouts,"
the statement said. "We do not have any other information
regarding this incident."
