Cyber security experts of the United States government have confirmed that the Ukraine power outage in December was caused by "synchronized and coordinated" cyberattack.
The cyberattack happened in Dec. 23 impacted no less than 225,000 consumers.
The Department of Homeland Security's Industrial Control Systems Cyber Emergency Response Team (ICS-CERT) confirms in its report that the blackout was brought about by remote intrusions at three regional electric power distribution firms.
The report says that its analysis is based on the team's interviews with six Ukrainian organizations plagued by the event.
"The [cyberattack] was reportedly synchronized and coordinated, probably following extensive reconnaissance of the victim networks," reads the report. "According to company personnel, the [cyberattacks] at each company occurred within 30 minutes of each other and impacted multiple central and regional facilities."
ICS-CERT says that during the attacks, a number of "external humans" carried out malevolent remote operation of the breakers by using remote administration tools "at the operating system level or remote industrial control system (ICS) client software via virtual private network (VPN) connections."
The affected companies are convinced that to be able to facilitate remote access, the attackers obtained legitimate credentials ahead of the attack.
While the report indicates that the companies were infected with BlackEnergy malware, it says that it doesn't particularly know if the malware played out a role in the attacks.
Reportedly, the malware was delivered to each of the companies by means of spear phishing emails which include harmful Microsoft Office attachments. ICS-CERT suspects that the malware might have been used in gaining user credentials. The report, though, underscores that this information is currently being looked at.
While the report does not specifically speculate on who was responsible for the attack, another report from BBC says that United States investigators have accused Russian hacking group to have caused the power hack attacks in Ukraine.
The investigators said, though, that it wasn't possible to determine whether the group behind the attack was the "Russian government or a well-funded [non-government] team."
Could the cyberattack also happen to other parts of the globe?
Robert Lee, an infrastructure expert at cybersecurity company Sans Institute, told BBC that "the answer is yes," countries in other regions of the world could also be vulnerable to a similar cyberattack.
"The way the Ukrainians set up the grid and the type of the equipment they are using is also the way a lot of other nations do it," he added.
