The US government has accused Russia of remotely targeting the US power grid, as part of its newly unveiled sanctions on the country.
The Department of Homeland Security released details Thursday of what it called a multi-stage effort by Russia to target specific government entities and critical infrastructure.
The Trump administration announced extensive sanctions against Russia on Thursday morning, which included sanctions on the Internet Research Agency, a Russian troll farm that produced divisive political posts on American social media platforms during the 2016 presidential election.
According to the DHS, Russia accessed US government networks by initially targeting with malware small commercial third-party networks that were less secure.
Russia has attempted to attack targets that include “energy, nuclear, commercial facilities, water, aviation, and critical manufacturing sectors” since March 2016, DHS said.
Gaining access to the networks that are tied to various aspects of US infrastructure is extremely difficult, said Vikram Thakur, of Symantec Security Response. Thakur, a technical director at Symantec, added that cyberattacks like the one DHS described Thursday have the potential to cause significant damage, unlike those in which the attacker is solely looking for information.
“The only thing that holds an attacker back is political motivation,” Thakur said, noting the potential for retaliation by the country that gets hit.
“Usually the bar for flipping the switch is extremely high” for the attacker, he later added in a phone interview.
Past encounters
In 2015 Ukraine experienced an unprecedented cyberattack on its electric grid that led to widespread power outages, which it said was caused by Russia. The attack raised concerns about vulnerabilities in the US system that could make it a victim of similar attacks.
Energy Secretary Rick Perry released a response to the DHS announcement Thursday, saying the Department of Energy has “worked closely with government partners and energy sector asset owners to help ensure attempts failed or were stopped.”
“This event demonstrates exactly why I am creating an Office of Cyber Security and Emergency Response (CESER),” Perry’s statement said. “It is crucial for the DOE to consolidate and strengthen our efforts to combat the growing nefarious cyber threats we face.”
Although Russia is “on the right path” they “still have awhile to go,” said Robert Lee, the CEO of Dragos, a cybersecurity firm that specializes in protecting the nation’s power grid and critical infrastructure. “They are absolutely going after the systems they would need to for causing disruption, but it doesn’t put them close to that object.”
The US intelligence community also has concluded that Russia attempted to interfere in the 2016 US presidential election. House Republicans ended their probe into the Russian election meddling this week and said they had found no evidence of collusion with President Donald Trump’s campaign. However, there are still multiple investigations looking into any ties between Trump’s campaign associates and Russians during 2016.