Russian hackers now aim for US power and water systems
The United States, for the first time, is blaming the Russian government for an ongoing campaign of cyberattacks that it says is targeting the U.S. power grid, water systems, and other critical infrastructure.
A U.S. security alert published on March 15, 2018, said that Russian government hackers are seeking to penetrate multiple sectors that U.S. consumers depend on for day-to-day necessities.
Those targeted in the attacks, which began in March 2016 or earlier, include energy, nuclear, water, aviation, and manufacturing, the alert said.
The alleged breaches by Russian hackers were cited by the U.S. Treasury Department as one reason for imposing a new round of sanctions on Russia on March 15, 2018.
The Department of Homeland Security and FBI said in the alert that a "multi-stage intrusion campaign by Russian government cyber actors" has targeted small commercial facilities "where they staged malware, conducted spear phishing, and gained remote access into energy sector networks."
Military and civilian computer network analysts with the California Army National Guard Computer Network Defense Team tackle a simulated virus attack. (Photo by Capt. Kyle Key)
The alert said the FBI and the National Cybersecurity and Communications Integration Center determined that the ultimate objective of the cyberattacks is to "compromise organizational networks."
U.S. intelligence officials have said cyberattacks on critical U.S. infrastructure could do significant damage to the economy if they cause extensive blackouts or major disruptions of transportation systems, the Internet, or other essential sectors.
The Russian intrusions reported on March 15, 2018, did not appear to cause such large-scale disruptions.
However, U.S. officials have been concerned about the possibility of damaging disruptions ever since suspected Russian hackers succeeded at causing temporary power outages affecting hundreds of thousands of customers in Ukraine through cyberattacks in 2015 and 2016.
Moreover, U.S. officials said they believe that the Russian military perpetrated the "NotPetya" cyberattacks in June 2017 that caused the most extensive and costly damage to global businesses in history.
Screenshot of the splash screen of the payload of the original version of Petya.
The NotPetya virus spread quickly across the world, paralyzing computers and resulting in billions of dollars in damage through disruptions in shipping, trade, health care, and other industries, the U.S. Treasury Department said.
U.S. cybersecurity official Rick Driggers told reporters on March 15, 2018, that the Russian breaches of U.S. critical infrastructure thus far have been limited to business networks and have not affected any plant's control systems.
"We did not see them cross into the control networks," he said, but "we know that there is intent there."
U.S. intelligence officials recently testified that the Kremlin appears to believe it can launch hacking operations against the West with little fear of significant retribution. Russia denies trying to hack into other countries' systems.