March 19, 2016
Robert M. Lee was profiled in Forbes:
Two days before Christmas the lights went out across the Ivano-Frankivsk region of Ukraine. As many as 225,000 customers lost power, the result of coordinated cyberattacks on three power grids.
The Ukrainians claimed it was the first time a power grid had been knocked out by hackers and quickly pointed a finger at Russia. Robert M. Lee was skeptical. In the midst of preparing for a Christmas wedding in Alabama, the ex-cyberwarfare Air Force officer needed proof. There had only been two known destructive attacks on critical infrastructure. He and several colleagues in the U.S. cyber community coordinated with contacts inside Ukraine to recover malware from the network. Lee was the first person to report about the malware after reviewing the public information and analyzing the grid’s control systems. It was soon apparent: This was the real deal, though Lee shies away from blaming Russia. “What surprised me is the bold nature of it. … It was so coordinated. All the stuff we’ve seen before looked like intelligence. This looked like military. That’s kind of alarming.”