KIEV, Dec 20 (Reuters) - Ukraine is investigating a suspected cyber attack on Kiev’s power grid at the weekend, the latest in a series of strikes on its energy and financial infrastructure, the head of the state-run power distributor said on Tuesday.
Vsevolod Kovalchuk, acting chief director of Ukrenergo, told Reuters that a power distribution station near Kiev unexpectedly switched off early on Sunday, leaving the northern part of the capital without electricity.
It comes after a Ukrainian security chief said last week that Ukraine needed to beef up its cyber defences, citing a spate of attacks on government websites that he said originated in Russia.
Kovalchuk said the outage amounted to 200 megawatts of capacity, equivalent to about a fifth of the capital’s energy consumption at night.
“That is a lot. This kind of blackout is very, very rare,” Kovalchuk told Reuters by phone.
He said there were only two possible explanations for the accident: either a hardware failure or external interference.
The company’s IT specialists had found transmission data that had not been included in standard protocols, suggesting that external interference was the likeliest scenario.
Over the past month, Ukraine’s finance and defence ministries and the state treasury have said their websites had been temporarily downed by attacks aimed at disrupting their operations.
Kovalchuk said Ukraine’s state security service had joined the investigation. “There are no final conclusions yet about what it was, but experts say that this was something new and they have not encountered this before,” Kovalchuk said.
Last December, another Ukrainian regional power company Prykarpattyaoblenergo reported an outage, saying the area affected included the regional capital Ivano-Frankivsk. Ukraine’s state security service blamed Russia.
Experts widely described that incident as the first known power outage caused by a cyber attack. The U.S. cyber firm iSight Partners identified the perpetrator as a Russian hacking group known as “Sandworm.”
They said power distributors had ignored their own security rules by allowing critical computers to be hooked up to the Internet when they should have been kept within an internal network. (Editing by Matthias Williams and Richard Balmforth)