Russian Power Outage Risk is Real

News  |  Mar 16, 2018

The Department of Homeland Security (DHS) and the FBI issued a joint alert this week that Russian hackers have infiltrated the U.S. power grid and systems that run other critical infrastructure, and yet no one in the administration seems to be doing anything about it. 

The revelation emerged Thursday as part of the Treasury Department's announcement that it finally was implementing new sanctions on Russia for election meddling and other cyberattacks. However, those sanctions are on the 13 individuals indicted by Special Counsel Robert Mueller, who have no financial assets in the United States and no motivation to travel here. Of the six additional Russians on the list, four already were under sanctions. The two new ones are government officials who seemingly have no U.S. assets or interests. The one oligarch connected to Putin named Thursday – Yevgeniy Prigozhin – came through Mueller's indictment and laughed at being included.  

The purpose of sanctions is to punish Putin and his oligarchs by strangling their finances. Treasury was supposed to come up with a list of impactful targets. Instead, it cut and pasted names from Forbes and the Kremlin website in what was seen largely as a joke, even by the Russian oligarchs who were fearing the list before it emerged. Treasury Secretary Steve Mnuchin then promised for weeks that sanctions were coming soon. But what we finally got Thursday was another cut-and-paste job – this time from Mueller's indictment and President Obama's December sanctions.

Now, the United States' critical infrastructure is at risk, and Putin is undeterred. In fact, the Russians have experience taking down power grids and impacting the lives of hundreds of thousands of people. 

Here is CNN in February 2016:

U.S. investigators have found evidence to confirm what is believed to be the first-of-its-kind cyberattack on a power grid that caused a blackout for hundreds of thousands of people in Ukraine in December.

A U.S. official close to the investigation said the power outage was caused by a sophisticated attack using destructive malware that wrecked computers and wiped out sensitive control systems for parts of the Ukrainian power grid.

(...)

U.S. systems aren't any more protected than those breached in Ukraine, the U.S. official said.

(...)

A sophisticated team of hackers coordinated attacks at the same time against six power providers, the U.S. official said.

The attack was so severe that it knocked out internal systems intended to help the power companies restore power. Computers were destroyed, and even the call centers used to report outages were knocked out.

(...)

The same malware has been found in U.S. industrial systems.

Here is CNN Thursday:

Russia has attempted to attack targets that include "energy, nuclear, commercial facilities, water, aviation, and critical manufacturing sectors" since March 2016, DHS said.

... [Vikram] Thakur, a technical director at Symantec [Security Response], added that cyberattacks like the one DHS described Thursday have the potential to cause significant damage, unlike those in which the attacker is solely looking for information. 

"The only thing that holds an attacker back is political motivation," Thakur said, noting the potential for retaliation by the country that gets hit.

The Nuclear Regulatory Commission and Federal Energy Regulatory Commission claim the attack had no impact on systems this time around, but that does not mean the state-sponsored Russian hackers will stop trying. 

AP:

U.S. national security officials said the FBI, Department of Homeland Security and intelligence agencies determined Russian intelligence and others were behind a broad range of cyberattacks starting more than a year ago. Russian hackers infiltrated the networks that run the basic services Americans rely on each day: nuclear power, water and manufacturing plants.

U.S. officials said the hackers chose their targets methodically, obtained access to computer systems, conducted "network reconnaissance" and then attempted to cover their tracks by deleting evidence of the intrusions. The operation resorted to various methods — including a kind of cyberattack known as spear-phishing — to try to compromise legitimate user accounts, gather user credentials, and target industrial control systems and their networks, officials said.

The U.S. government has helped the industries expel the Russians from all systems known to have been penetrated, but additional breaches could be discovered, officials said.

Energy Secretary Rick Perry says this is why he is creating the Office of Cyber Security and Emergency Response, first announced last month. 

AP:

The new office will consolidate and strengthen efforts to "combat the growing nefarious cyber threats we face," Perry said, adding that his department worked closely with other federal agencies and energy providers to help ensure that hacking attempts "failed or were stopped."

However, Secretary Perry has not indicated when this will happen, and POWER Magazine points out the Department of Energy "already has an office dedicated to ensure the nation’s energy delivery system is secure...POWER has reached out to the DOE with questions about how CESER’s focus will be different from OE’s."

There has been no update. 

US says Russian hack did not compromise power grid, plants (AP)

US accuses Russia of cyber attacks on power grid (CNN)

First on CNN: U.S. investigators find proof of cyberattack on Ukraine power grid (CNN)