Dangerous times…

December has been a dangerous time for Ukraine at least twice – in 2015 and 2016.On 23 December 2015, three oblenergos (Ukrainian electricity companies) were attacked, probably by sheer coincidence, 1 day before Christmas, while on 17 December 2016 the Pivnichna transmission substation, which provides a significant part of Kiev’s electricity supply, was attacked.

One of the topicalities of this post is the 5-year anniversary of the latter attack.

But there is another reason. In 2015 and 2016, Russian-Ukrainian relations have been tenser than average. Just like now, when Russia is making troop withdrawals along the border. The tension around Ukraine, the Russian troop build-up near the border, was one of the main topics of the Biden-Putin video conference on 7 December. The two sides warned each other of the consequences of crossing certain borders, in other words the need to prevent a possible escalation of the hybrid war that has been going on between the parties concerned for some time. According to press reports, the US also wanted to discuss cyber security aspects.

Unfortunately, tensions in the region have not eased since the summit.

In addition, the storm around the Log4j vulnerability has erupted – and who knows how long it will continue to do so. Last year, the SolarWinds/Orion incident erupted just before Christmas. How interesting… Can we start to fear December?!

In such times of emergency, it’s good to know what threats the electricity sector is currently facing. This is well summarised in Dragos’ webinar of 26 October. The webinar slides are also available separately HERE.

Dragos’ Global Electric Cyber Threat Perspective report, published in September this year, is available HERE.

With the above in mind, it is worth keeping a watchful eye on the Ukrainian electricity system in the coming weeks (months?)…


…And then around the bend I noticed the Log4j vulnerability… 🙁



Messages either agreeing or disagreeing with the above are welcome. For example, by responding to them in a new post, we can even start a substantive professional exchange.