Following the Trump administration’s delayed implementation of sanctions against Russian individuals and organizations, the White House accused Russian hackers of infiltrating nuclear power plants and water and electric systems across the U.S. and Europe deep enough to threaten their operations.
According to the New York Times, the cyberattacks grew in intensity in 2015, just as Russia’s efforts to interfere in the U.S. presidential election were under way. By spring 2017, multiple operators in North America and Europe were compromised. Both U.S. officials and private security firms said the attacks appeared to be a signal from Moscow that it could interrupt utility operations to the point of outright sabotage, should any conflict arise.
A report issued by the Department of Homeland Security on Thursday stated that the hackers gained access to critical control systems within the affected facilities, though they have yet to outright sabotage the systems in question. “We now have evidence they’re sitting on the machines, connected to industrial control infrastructure, that allow them to effectively turn the power off or effect sabotage,” said Eric Chien, a security technology director at digital security firm Symantec.
U.S. intelligence agencies have been aware of the attacks for the past 18 months, with the DHS and FBI issuing warnings to utility companies in June 2017, but they did not name Russia as the offender. It has also been determined that the group conducting the attacks is separate from the two groups accused of influencing the election.
A report from Symantec that was made public in October said the hacking group “appears to be interested in both learning how energy facilities operate and also gaining access to operational systems themselves, to the extent that the group now potentially has the ability to sabotage or gain control of these systems.” Symantec also discovered that the hackers had begun taking screenshots of plant machinery and stealing operation descriptions for that machinery.
Having such vital systems compromised to the point that Russian hackers could simply flip a switch and shut down huge chunks of the American power and utility grid is incredibly worrisome, but the inevitability of an American response, should that happen, is enough of a deterrent for now. However, that might not be the case for much longer. “I would say right now they do not think much will happen to them … they don’t fear us,” said Lt. Gen. Paul Nakasone, commander of the United States Cyber Command.