Presentation of Andrii Nemyrovskii, deputy CEO at Ukrenergo, at the IX Ukrainian energy Forum by the Adam Smith Institute.

1. PROTECTION OF THE
POWER SYSTEM
AGAINST HACKERS:
Ukrenergo`s practical
experience

2. UKRAINIAN POWER SYSTEM AND ITS TSO– SE “NPC “UKRENERGO”
4 NPPs
12* TPPs
and dozens of
CHPPs
7 HPPs and 3 HPSPPs
Dozens of small
HPPs, SPPs,WPPs
Up to 21* thous km, 220-750 kV OHL 102* 220-750 kV substations Up to 9 thous.employees
*excluding the temporarily occupied territories of the Donetsk and Lugansk regions and Crimea

3. SCOPE OF CYBER ATTACKS IS GROWING EVERY YEAR
BlackEnergy, 2015
(On the 23rd of December, 2015 the computers of the control system in the
“Prykarpattiaoblenergo” dispatching center were attacked; up to 30 substations
were switched off; up to 230 thous.of citizen were left without power for 1-6
hours).
Cyber attack at the “Pivnichna” substation, 2016
(On the 17th-18th of December, 2016 the 330 kV substation “Pivnichna” was
attacked. The following substation supply power to the Northern part of Kyiv.
The research proved that the attacks on the computer systems related to the
substation were multilevel and seriously prepared»)
Petya.А, 2017
(On the 27th of June, 2017 the Petya. A computer virus, similar to WannaCry,
attacked the Ukrainian banks, state and private companies)

4. WE DO COMPREHEND THE DANGER
SUSTAINABILITY OF THE UKRAINIAN POWER SYSTEN
DEPENDS ON THE SUSTAINABILITY OF UKRENERGO

5. PETYA.A
Crucial
systems were
not seriously
affected
However we
“lost” many
substations in
the working
mode
The majority of
substations
functioned in a
normal mode
until Monday
“Exhaled”
July 7

6. WE COPED WITH THE PROBLEM QUITE GOOD
Usage of the previous attacks experience
Establishment of the response body on the
cyber threats
Up to 100% of the reserve copies
We`ve assessed our system otherwise

7. ... HOWERE WE UNDERSTOOD THE CYBER SECUTITY SYSTEM SHULD BE SIGNIFICANTLY IMPROVED
Development and approval
of the cyber security
concept
Preparation and approval of
the normative documents
within the cybersecurity
sphere
Training with the
American colleagues
Technological network
launching

8. WE DO STRIVE TO ATTAIN THE SECURE IT
Launching of the cyber protection infrastructure project
Complete split between the technological and office infrastructure
Clear segmentation and perimeter protection
Implementation of the security systems (NGFW, SIEM, IDM...)

9. Thank you for your
attention!