Pages

16 July 2017

NEWS ANALYSIS: Insecure power grid leaves US vulnerable to Russian cyber threats


(NEW YORK) — While the U.S. and Russian presidents were amicably chatting in Hamburg last week, their governments have been sending less friendly signals about power grids.

The Washington Post reported in June that President Obama had issued orders to prepare options for an attack on the Russian electric power grid in response to Russian manipulation of the U.S. presidential election, but it is unlikely that the Russian government first learned about that order by reading the media accounts last month. It is far more probable that Moscow knew about the options presented to Obama months ago.

The U.S. may have wanted it that way. It may have been signaling to Putin that we could also do cyberattacks. Now Russia may have responded in kind, hacking into U.S. nuclear power plants and other aspects of the electrical power grids. The Department of Homeland Security and the FBI jointly warned power companies last month of a series of (likely Russian) hacks that began in May, according to reports in The New York Times.

U.S. government officials and company operators have since provided assurances that the hacking did not reach the controls of U.S. nuclear plants or the power transmission grid. Hackers only targeted or penetrated administrative systems, they said. Another way of saying that, of course, is that the power companies had not found any indications that the hackers had jumped from the Internet connected administrative networks to the control systems. Sophisticated hackers, however, routinely sweep up their footprints behind them and hide on networks in places where it is extremely difficult to find them, unless they want to be found.

All of which raises the question of whether Russian hackers wanted to be discovered rummaging around in U.S. nuclear plants and power grids. Given the sophistication of Russian government cyber teams and their proven ability to be very stealthy, it is a logical conclusion that they were intentionally being noisy to remind Washington of the cyber vulnerability of our own power grids. They were saying the equivalent of: Obama asked you to get ready to mess with our grid? Well, be careful, because we can do that, too.

That message should be considered seriously. As long as U.S. networks managing critical systems are insecure, no U.S. president can consider launching a cyberattack on a nation like Russia without risking far greater retaliation. Checkmate.

Richard Clarke served as special advisor to the president for cybersecurity in the George W. Bush administration and coauthored the book Cyber War. He is now an ABC News consultant.

No comments:

Post a Comment