DHS cites Russian cyberattacks on U.S. power grid, infrastructure since 2016

by WorldTribune Staff, March 16, 2018

Russian government hackers have for at least two years attempted cyberattacks on the U.S. power grid, the Department of Homeland Security (DHS) said.

The attacks, beginning in March 2016 and possibly earlier, targeted multiple U.S. critical infrastructure sectors, including energy, nuclear, commercial facilities, water, aviation and manufacturing, according to a U.S. security alert published on March 15.

DHS and the FBI said in the alert that a “multi-stage intrusion campaign by Russian government cyber actors” had targeted the networks of small commercial facilities “where they staged malware, conducted spear phishing, and gained remote access into energy sector networks.”

Related: Feds issue unusual joint warning of cyberattacks on critical U.S. infrastructure, October 24, 2017

Russia in the past has denied it has tried to hack into other countries’ infrastructure.

The Trump administration report cited a widely circulated investigation from Symantec released in October 2017 that linked the hacking group Dragonfly, suspected to be Russian, to a series of attacks on energy systems in the U.S. and Europe.

Geostrategy-Direct.com reported in October 2017 that DHS and the FBI had issued a rare public alert to operators of critical infrastructure, saying that some hacking attempts they had been monitoring in the previous five months had been partially successful.

“Threat actors have targeted government entities and the energy, water, aviation, nuclear and critical manufacturing sectors, and, in some cases, have leveraged their capabilities to compromise victims’ networks,” the alert said.

The U.S. electrical grid is considered particularly vulnerable to cyberattacks from Russia and China and will remain so for at least 10 years, a Pentagon report by the Defense Science Board warned.

“A large-scale cyberattack on civilian critical infrastructure could cause chaos by disrupting the flow of electricity, money, communications, fuel, and water,” the Pentagon board said. “Thus far, we have only seen the virtual tip of the cyberattack iceberg.”

A former senior DHS official said that Russia’s targeting of infrastructure networks dropped off after the October alert, which detailed technical forensics about the hacking attempts but did not name Russia.

DHS cyber security official Rick Driggers told reporters on March 15 that he was unaware of any cases of control networks being compromised in the United States and that the breaches were limited to business networks. But, he added, “We know that there is intent there.”

Kremlin-linked hackers were widely blamed for two attacks on the Ukrainian energy grid in 2015 and 2016 that caused temporary blackouts for hundreds of thousands of customers and were considered first-of-their-kind assaults, Reuters reported.

Subscribe to Geostrategy-Direct __________ Support Free Press Foundation