Hybrid War, Critical Infrastructure, and Nova Scotia Power

Larry Hughes
Published as "Why would Russia cyber attack Nova Scotia Power?" in allnovascotia.com
28 November 2025

In 2015, I was working at the NATO Energy Security Centre of Excellence in Vilnius, Lithuania. Just before Christmas, part of Kyiv's electrical grid failed unexpectedly. The cause of the failure was found to be a cyber attack on the computer systems responsible for coordinating the power stations and Kyiv's electrical load.

The attacks were subsequently attributed to Russian hackers, the cyber "foot soldiers" in Russia's ongoing hybrid war with Ukraine.

In hybrid warfare, adversaries adopt methods of attacking an opponent that do not involve traditional military confrontation. Perhaps the most common is to employ disinformation campaigns to undermine public support for government actions or to present the aggressor in a better light. The proliferation of social media makes disinformation campaigns easier.

Cyber attacks are more complex because they require knowledge of how the targeted software or hardware, or both, operate. Cyber attacks usually focus on critical infrastructure, defined by Public Safety Canada as the "... processes, systems, facilities, technologies, networks, assets and services essential to the health, safety, security or economic well-being of Canadians and the effective functioning of government".

A cyber attack on critical infrastructure is normally portrayed as malicious software disrupting the operations of a power station or a water supply system, making entities such as hospitals, businesses, industries, and schools vulnerable to the threat of a disruption to either electricity or water supply.

Disruptions such as these could result in the "... catastrophic loss of life, adverse economic effects, and significant harm to public confidence."

Critical infrastructure also refers to an organization's information technology software, responsible for the users or customers.

The cyber attack on Nova Scotia Power's billing and meter reading software affects the company's customers, not its generation and transmission systems.

To pay for the energy Nova Scotia Power needs to operate, it has kept billing its customers, with estimated bills and, in some cases, multiple bills.

The company has promised to resolve these issues once the system is running properly in the future.

However, there is more to the cyber attack than a damaged billing system: the data breach apparently caused personal information (such as Social Insurance Numbers) to circulate on the Dark Web.

Clearly, both the billing system breakdown and the data breach have resulted in "adverse economic effects and significant harm to public confidence."

During Tuesday's Natural Resources and Economic Development Committee meeting, Nova Scotia Power's CEO Peter Gregg suggested that the cyber attack probably emanated from sophisticated hackers in Russia.

Which raises the question: why would someone in Russia want to attack Canada, let alone Nova Scotia Power?

Are we at war with Russia?

Not directly, but Canada helps Ukraine with weapons, financial assistance, and political support.

This is more than enough reason for Russia to target Canada.

But Nova Scotia Power?

There could be any number of reasons for the attack; we will have to wait until a detailed, forensic report on the cyber attack is made public.

In the meantime, Nova Scotia Power must address the issue of "significant harm to public confidence" in the company's ability to bill fairly.

Apparently, some steps have been taken to address this:

However, without making Nova Scotians aware of these things, the company has done nothing to restore public confidence.

Meanwhile, some politicians will undoubtedly see this as an opportunity to call for Nova Scotia Power to be taken back under government control.

Government control would not be a guarantee of cyber competence.

Remember this government's 2023 MOVEit software debacle?