On December 23, 2015, in the heart of winter, several Ukrainian power companies were targeted by hackers in a well-planned cyberattack. Suddenly, almost a quarter-million people found themselves without electricity, and the companies affected were scrambling to restore power.

This wasn’t random malware that happened to sneak in; the attack was specifically designed to target the companies’ Operational Technology (OT) systems. The attackers had studied the power grid’s Industrial Control Systems (ICS) inside and out and knew exactly how to cause the maximum amount of disruption.

Here’s the part that is humorously ironic in retrospect: the systems were so heavily automated and relied so much on the compromised OT systems that the companies had to literally dust off their old manual equipment to restore power.

Yes, you read it right. In the middle of one of the most sophisticated cyberattacks the world had seen until that point, Ukrainian power engineers were resorting to manual operations: workers physically turning wheels and flipping switches to get the lights back on!

This devastating event underscored the importance of OT security. More than many others, this incident led to an increased global emphasis on OT security, a push for international cooperation in combating cyber threats, and the recognition that OT systems are as much a target as any IT system.

So, while it’s bizarre to picture modern engineers reverting to manual methods, the key takeaway is clear: robust OT security isn’t optional, it’s a necessity.

The Growing Problem of Cyber-Physical System Security