In the age of technology, many aspects of human life have been digitized and can now be done online, and that includes warfare. Amid tension between the Trump Administration and the Russian government over a brewing cyberwar between the two superpowers, reports emerged that the U.S. is escalating its efforts to compromise Russian power grids with malware.
According to current and past government officials cited in the reports, the escalation is a warning to President Vladimir V. Putin and a demonstration of how the Trump administration can use technology to fight back against Russia.
In previous interviews, the officials discussed the deployment of American computer code inside Russia’s grid and other targets as a classified companion to more publicly discussed action directed at Moscow’s disinformation and hacking units around the 2018 midterm elections.
Supporters of the move said that fighting back against Russian hackers is long overdue, especially given that the Department of Homeland Security and the FBI have long been warning about Russian hackers deploying malware in the American grid system, power plants, oil and gas pipelines, or water supplies — which could sabotage the United States should a severe conflict arise.
The United States previously warned that Russia has been targeting American and European nuclear power plants and water and electric systems, and could have sabotaged or shut power plants off at will. They said the strikes accelerated in late 2015, at the same time the Russian interference in the American election was underway. The attackers had compromised some operators in North America and Europe by spring 2017 after President Trump was inaugurated.
New computer screenshots released by the Department of Homeland Security suggest that Russian hackers have all the necessary tools and the required foothold to manipulate the USA’s power distribution channels.
“We now have evidence they’re sitting on the machines, connected to industrial control infrastructure, that allow them to effectively turn the power off or effect sabotage,” said Eric Chien, a security technology director at Symantec, a digital security firm.
The reported escalation is a new development in a series of online attacks against power companies, which have been victims of cyber-espionage; in recent years, however, the intent has switched from spying to creating outages.
Analysts argued that it makes sense for government hackers to target the power supply because a massive outage can cause chaos and widespread dysfunction in the country.
The risk isn’t theoretical; it already happened in Ukraine
Furthermore, there is more reason for governments to be worried about their power grids. In 2016 — the last year for which data is available — the energy sector topped the table regarding vulnerabilities dealt with by the US Industrial Control Systems Cyber Emergency Readiness Team, now part of the National Cybersecurity and Communications Integration Center (NCCIC).
And these aren’t just theoretical; they are real threats. At Christmas of 2015, Ukrainian households faced a massive outage due to a series of cyber attacks and hacking against major power companies. In this incident, the blame points to Russian hackers for carrying out a sophisticated attack which started with a phishing campaign.
Reports regarding the incident showed that once the Russian hackers got into the operational systems of the power company, they got total control of the entire grid system – effectively shutting down power in most households. To make matters worse, a coordinated denial-of-service attack on the companies’ reporting systems made it hard for consumers to report the outage.
In January, Dan Coats, US director of national security, warned that Russia could launch a sophisticated and coordinated attack that targets America’s electrical distribution network for a few hours. This kind of attack is similar to the Ukraine attack in 2015.
“Moscow is mapping our critical infrastructure with the long-term goal of being able to cause substantial damage,” Coats warned.
Planting malware in another country’s power system is a dangerous move
However, critics warned that the escalation against Russia could trigger a full-blown digital cold war between the US and Moscow. Furthermore, experts argued that there’s a significant risk in planting malware inside another country’s infrastructure to use it in the future.
The code could be discovered, and Russia could see it as a blatant provocation. Aside from that, it will provoke an international outcry condemning what happened. The code could even be reverse-engineered and used against the country that planted it (or used against a third country to cause even more chaos — such false-flag cyber operations are far from unknown).