Helping to keep the lights on in Ukraine in the face of electronic warfare

Ukraine's high-voltage electricity substations rely on GPS for time synchronization.
Many of Ukraine's high-voltage electrical substations - which play a vital role in the country's domestic transmission of power - make extensive use of the availability of precise GPS timing information to help operators anticipate, react and diagnose a complex high-voltage electric grid.
The GPS timing issue wouldn't leave my head. I tried to look at it from all different angles.
To truly understand the layers of solving this issue, I need to talk about why GPS clock timing is so important to electric grids.
Most people are familiar with GPS because we rely on it for navigation, but it has also become the dominant system for the distribution of time and frequency signals globally.
These satellites send very precise time data to GPS receivers on the ground that receive and decode the signals, effectively synchronizing each receiver to the same clock.
Because GPS time is so accurate, GPS-disciplined clocks are commonly used in industrial systems, like Ukraine's power grid, that require extremely precise time across a vast geographic area.
The frequency reference is provided by an internal crystal oscillator within the device, and that crystal tells the device how fast time is going.
These times are never perfectly accurate due to manufacturing variations and other variables in the crystal oscillators, causing time to advance at slightly different rates across various devices.
Devices can use the GPS satellites' time signal to determine how accurate its local time reference is and then adjust the time accordingly, thereby enabling all devices running GPS-enabled clocks to be aligned to the exact same time.
These GPS time signals are crucial for making a key piece of power equipment called a phasor measurement unit run effectively.
PMU data is time-stamped - to the precision of a microsecond - using the timing signal from GPS satellites.
Without the ability to analyze the precise timing of an electrical anomaly as it propagates through a grid, grid operators have difficulty diagnosing the exact issue that requires correction.
Relatedly, if GPS timing is down, grid operators will have increased difficulty balancing power during the adverse events that occur during wartime.
Industrial Ethernet switches do not have atomic clocks for holdover accuracy - but they have a good enough clock, able to measure time accurately in microseconds, to sustain an accurate time sync.
Most network hardware devices use an internal crystal oscillator to generate their clock time, but these crystals' frequencies can oscillate widely based on local conditions.
Holdover is the time period to keep the clocks in sync until timing signals can be restored.
We modified the Industrial Ethernet switch's code to provide trusted time.
With an Industrial Ethernet switch deployed to Ukraine's substations, it measures the difference between the PMU's local time reference used by the PMU and GPS time while GPS is still active.
Of course, we must thank our partners in Ukraine, the U.S. government, and ICS vendors and experts who lent us their time, empathy, and expertise.


This Cyber News was published on blog.talosintelligence.com. Publication date: Mon, 04 Dec 2023 13:13:04 +0000


Cyber News related to Helping to keep the lights on in Ukraine in the face of electronic warfare

Exclusive: Ukraine says joint mission with US derailed Moscow's cyberattacks - On a Wednesday afternoon in late September, the head of the cyber division of Ukraine's intelligence service, Illia Vitiuk, sat down to discuss something that Ukraine had previously kept close to the vest - specifically how much a joint hunt forward ...
1 year ago Therecord.media
Russia Set to Ramp Up Attacks on Ukraine's Allies This Winter - Russia is set to ramp up cyber campaigns targeting Ukraine's allies as kinetic warfare slows this winter, according to a report by Cyjax. Researchers noted that Russia's missile production is struggling to keep pace with its tactical, operational and ...
1 year ago Infosecurity-magazine.com
Helping to keep the lights on in Ukraine in the face of electronic warfare - Ukraine's high-voltage electricity substations rely on GPS for time synchronization. Many of Ukraine's high-voltage electrical substations - which play a vital role in the country's domestic transmission of power - make extensive use of the ...
1 year ago Blog.talosintelligence.com
Power Outage: 2015 Ukraine Cyber Warfare Attack - On December 23, 2015, Ukraine experienced a cyber warfare attack that caused a power outage across the country for over 1.4 million people. The attack targeted three of the nation's distribution companies that resulted in a complete shutdown of their ...
1 year ago Securityaffairs.com
Ukraine says Russia hacked web cameras to spy on targets in Kyiv - Ukraine's security officers said they took down two online surveillance cameras that were allegedly hacked by Russia to spy on air defense forces and critical infrastructure in Ukraine's capital, Kyiv. The cameras were installed on residential ...
11 months ago Therecord.media
Cyber Insights 2023: The Geopolitical Effect - The result is more than a dozen features on subjects ranging from AI, quantum encryption, and attack surface management to venture capital, regulations, and criminal gangs. The Russia/Ukraine war that started in early 2022 has been mirrored by a ...
1 year ago Securityweek.com
Monthly Overview of Global Threats Involving IronNet - At the beginning of each month, we will be releasing blogs that analyze the intersection of geopolitical activity and cyber operations. We will be focusing on the strategies and motivations of Russia, China, Iran, and North Korea that could be a ...
1 year ago Ironnet.com
EU Formalizes Cybersecurity Support For Ukraine - The EU has cemented ties with Ukraine on cybersecurity cooperation, with a new formal agreement designed to improve information sharing and capacity building. Announced today, the agreement formalizes discussions begun in Warsaw during the EU-Ukraine ...
1 year ago Infosecurity-magazine.com
Hugging Face dodged a cyber-bullet with Lasso Security's help - Further validating how brittle the security of generative AI models and their platforms are, Lasso Security helped Hugging Face dodge a potentially devastating attack by discovering that 1,681 API tokens were at risk of being compromised. The tokens ...
1 year ago Venturebeat.com
Ukraine security services involved in hack of Russia's largest private bank - Ukrainian hackers collaborated with the country's security services, the SBU, to breach Russia's largest private bank, a source within the department confirmed to Recorded Future News. Last week, two groups of pro-Ukrainian hackers, KibOrg and NLB, ...
1 year ago Therecord.media
Cyber Warfare 2: The Examined Ukranian Power Outage - The recent cyber attack in Ukraine which led to a power outage illustrates the severity of cyber warfare and the pressing need for better cybersecurity measures. It’s widely believed that the attack was state-sponsored, given the cyber-espionage ...
1 year ago Securityaffairs.com
Ukrainian military says it hacked Russia's federal tax agency - The Ukrainian government's military intelligence service says it hacked the Russian Federal Taxation Service, wiping the agency's database and backup copies. Following this operation, carried out by cyber units within Ukraine's Defense Intelligence, ...
1 year ago Bleepingcomputer.com
To Beat Russia, Ukraine Needs a Major Tech Breakthrough - It has developed and deployed the world's first tactical naval drone. It jury-rigged a remarkably effective air defense system. It is leveraging artificial intelligence to conduct high-precision missile and drone strikes. It has consistently bested ...
11 months ago Wired.com
SBU Cybersecurity Chief Exposes Persistent Hacker Presence in Kyivstar - An attack on Kyivstar, a telco company that has some 24 million users in Ukraine, appears to have been carried out by Russia's Sandworm crew last month. Approximately 24 million users' services were disrupted for a period of several days beginning on ...
11 months ago Cysecurity.news
Variants of RussianSupported Gamaredons Malware Aimed at Ukrainian Government Agencies - The State Cyber Protection Centre of Ukraine has identified the Russian state-sponsored threat actor known as Gamaredon for its cyber attacks on public authorities and critical information infrastructure in the country. This advanced persistent ...
1 year ago Thehackernews.com
Ukrainian hackers disrupt internet providers in Russia-occupied territories - Ukrainian hackers have temporarily disabled internet services in parts of the country's territories that have been occupied by Russia. The group of cyber activists known as the IT Army said on Telegram that their distributed denial-of-service attack ...
1 year ago Therecord.media
Ukraine Blames Russian Sandworm Hackers for Kyivstar Attack - Ukraine's security service has attributed the cyber-attack on mobile operator Kyivstar to Russian hacking group Sandworm. Kyivstar is Ukraine's largest mobile network carrier, the cyber-attack rendered internet access and mobile communications ...
11 months ago Infosecurity-magazine.com
Microsoft unveils Face Check for secure identity verification - Microsoft today announced the launch of Face Check, a new facial recognition feature for its Entra Verified ID digital identity platform. Face Check allows businesses to match a user's selfie to their government ID or employee credentials, providing ...
10 months ago Venturebeat.com
Ukraine sacks top cybersecurity officials in corruption probe involving software purchases - KYIV, Ukraine - Ukraine fired its top two civilian cybersecurity officials on Monday as prosecutors announced an embezzlement investigation involving software purchases from 2020-2022 in which the head of the state intelligence service was allegedly ...
1 year ago Abcnews.go.com
Exposed Hugging Face APIs Opened AI Models to Cyberattacks - Security flaws found in both Hugging Face and GitHub repositories exposed almost 1,700 API tokens, opening up AI developers to supply chain and other attacks and putting a brighter spotlight on the need to ensure that security keeps up with the ...
1 year ago Securityboulevard.com
Meta AI Models Cracked Open With Exposed API Tokens - Researchers recently were able to get full read and write access to Meta's Bloom, Meta-Llama, and Pythia large language model repositories in a troubling demonstration of the supply chain risks to organizations using these repositories to integrate ...
1 year ago Darkreading.com
EFF to Court: Electronic Ankle Monitoring Is Bad. Sharing That Data Is Even Worse. - The government violates the privacy rights of individuals on pretrial release when it continuously tracks, retains, and shares their location, EFF explained in a friend-of-the-court brief filed in the Ninth Circuit Court of Appeals. In the case, ...
7 months ago Eff.org
Latvia confirms phishing attack on Ministry of Defense, linking it to Russian hacking group - The Russian cyber-espionage group known as Gamaredon may have been behind a phishing attack on Latvia's Ministry of Defense last week, the ministry told The Record on Friday. Hackers sent malicious emails to several employees of the ministry, ...
1 year ago Therecord.media
Ukraine Is Crowdfunding Its Reconstruction - While Ukraine remains locked in a brutal war with Russia, Ukraine's government in Kyiv is already looking forward to a day when the country rebuilds itself from the ground up. The World Bank estimates that, as of early this year, Ukraine's rebuilding ...
1 year ago Wired.com
Russian hackers wiped thousands of systems in KyivStar attack - The Russian hackers behind a December breach of Kyivstar, Ukraine's largest telecommunications service provider, have wiped almost all systems on the telecom operator's network. Following the incident, Kyivstar's mobile and data services went down, ...
11 months ago Bleepingcomputer.com

Latest Cyber News


Cyber Trends (last 7 days)


Trending Cyber News (last 7 days)