U.S. security agencies are investigating whether Russian government hackers were behind a cyberattack on the Ukrainian power grid last month.
Computer security experts at the Central Intelligence Agency, the National Security Agency, and the Homeland Security Department are examining the malicious software found on the networks of a power company in western Ukraine, which said on December 23 that a large area of the country had been left without electricity due to “interference” in its systems, the Daily Beast and Washington Examiner reported.
The attack in Ukraine could be a bad sign for the U.S. power grid, because malicious software known as BlackEnergy that was found on the networks of the Ukrainian power company, Prykarpattyaoblenergo, was also used in a campaign targeting power facilities in the United States in 2014.
The 2014 attack caused no damage but it set off alarms among U.S. security and intelligence agencies.
U.S. utility watchdogs, including the North American Electric Reliability Council, have warned U.S. power companies to be on the alert and review their network defenses in light of the successful Ukraine attack.
Ukrainian officials have publicly blamed Russia for the attack, but Russia's involvement hasn't been confirmed separately. A Moscow-backed group, Sandworm, has been suspected of using BlackEnergy for targeted attacks in the past.
Confirmation that Russia was behind the Ukraine attack would put pressure on U.S. President Barack Obama to publicly assign the blame as he did when he identified North Korea as the culprit in a cyberattack on Sony Pictures Entertainment in 2014. Obama later ordered sanctions on North Korea and ordered a cyber-counterattack on its web system.
With reporting by Reuters, Daily Beast, Quartz, and Washington Examiner