The power wasn’t out long in Ukraine: just one to six hours for all the areas hit. But more than two months after the attack, the control centers are still not fully operational, according to a recent US report. Ukrainian and US computer security experts involved in the investigation say the attackers overwrote firmware on critical devices at 16 of the substations, leaving them unresponsive to any remote commands from operators. The power is on, but workers still have to control the breakers manually.
Interesting that the attackers chose to do that. I’d call that a bit of evidence that this was a nation-state, and even more likely Russia or one of her allies.
A concerning follow-up:
That’s actually a better outcome than what might occur in the US, experts say, since many power grid control systems here don’t have manual backup functionality, which means that if attackers were to sabotage automated systems here, it could be much harder for workers to restore power.