U.S. Accuses Russian Hackers Of Targeting U.S. Power Grid
On Thursday, President Donald Trump’s administration formally accused Russia of carrying out cyberattacks against critical U.S. infrastructure and transportation facilities — making it the first ever confirmation from Washington that Russian agents possess the ability to impact and disrupt day-to-day life across the United States.
For the past 18 months, the Department of Homeland Security (DHS) and FBI have been monitoring as Russian hackers have gained access to multiple targets across the country.
The report released by the DHS on Thursday confirmed that Russian hackers had gained the key access they would have needed in order to manipulate or shut down power plants across the U.S., however, stopping short of actually doing so.
The U.S. Computer Energy Readiness Team (US-CERT) released a statement warning that “Russian government cyber actors” had targeted small commercial facilities, gaining remote access into energy sector networks through staged malware and spear phishing.
“Since at least March 2016, Russian government cyber actors targeted government entities and multiple U.S. critical infrastructure sectors, including the energy, nuclear, commercial facilities, water aviation, and critical manufacturing sectors,” the US-CERT alert read.
In an interview with VICE news, Amit Yoran, the founder of US-CERT, said “the fact that the DHS and the FBI have attributed attempts to attack and compromise critical U.S. infrastructure to Russia is unprecedented and extraordinary.”
Adding that “it’s a wake-up call for the industry and a reminder that we are still not doing the basics well and that our defense needs to constantly evolve and adapt.”
Energy Secretary Rick Perry seemed to agree with Yoran when he said on Thursday that “the warfare that goes on in the cyberspace is real, is serious, and we must lead the world.”
The U.S. and it’s allies have long suspected Russia of carrying out critical attacks on infrastructure around the world. In December of 2016, Russian hackers successfully infiltrated a Ukrainian power station, shutting off power to hundreds of thousands in a demonstration of it’s growing capabilities.
Private security firms in the U.S. say that they have been tracking Russian operations to gain access to important North American infrastructure since 2011 where they identified three groups that go by the names DragonFly, Energetic Bear and Berserk Bear.
Since 2011, the groups have moved from gathering information to potential sabotage, after researchers discovered screen shots of the machinery used in nuclear and power plants along with detailed descriptions on how they operated.
On Thursday, the U.S. also announced new sanctions against 19 Russian individuals and five entities for “their attempted interference in the U.S. elections” back in 2016.