A US security alert on Thursday contained a jarring warning: Russia has infiltrated the US energy grid and could wreak havoc if it chose to do so. "They have the ability to shut the power off," an exec with the digital security firm Symantec tells the New York Times. "All that's missing is some political motivation." The alert from the Department of Homeland Security and the FBI says hackers working on behalf of the Russian government got into the systems of nuclear, water, and electrical plants, as well as "critical manufacturing sectors," and essentially poked around to figure out how things operated. Related details and developments:
- When: The feds say these "Russian government cyber actors" began the operation in March 2016, possibly earlier, reports Reuters. It's described as an "ongoing campaign."
- How: The hackers used standard techniques such as spear-phishing emails to obtain personal passwords of individuals, often those who were "peripherally related" to the primary targets, explains Gizmodo. Think contractors. The US didn't identify specific targets, but Bloomberg reports that a nuclear plant in Kansas was among them, though the hackers were not believed to have gotten into its control networks.
- A first: The report is "damning confirmation of what has for months been suspected: that hackers in Russia are capable of infiltrating and compromising vital systems relied on by millions of Americans," per Time. This also marks the first time that the US has accused Russia of hacking the energy grid, and that development is "unprecedented and extraordinary," a former DHS tech official tells Reuters.
- Any damage? Nope. The hackers appear to have done nothing malicious upon entering, but screenshots posted by the feds make clear that the hackers gained the necessary "foothold" on systems to take them down in, say, the event of a conflict, per the Times.
- Now what? Lawmakers including Democratic Sen. Maria Cantwell have been pushing for an assessment of the vulnerability of the US power grid, and Cantwell hopes the report "is the first step in a robust and aggressive strategy to protect our critical infrastructure," per Bloomberg. The US also has slapped new sanctions on Russia.
- Ukraine example: Stories, including this one at Radio Free Europe, are pointing out that Russia has been widely blamed for turning the lights out in Ukraine in unprecedented energy-grid attacks in 2015 and 2016. The US also thinks Russia is responsible for the "NotPetya" cyberattacks of 2017 that hit businesses worldwide.
- Different hackers: So are these the same hackers accused of meddling in the 2016 election? Apparently not. The Times suggests three different Russian groups were working: one stole emails from Democrats and others, another worked to foment divisions online with political postings, and the third worked on hacking the energy grid and other infrastructure systems. The US report links to an October report by Symantec calling the third group "Dragonfly." They've reportedly hit targets in Turkey and Switzerland, too.