Russia Hacked U.S. Power Grid — So What Will The Trump Administration Do About It?
When President Trump phoned to congratulate Russian President Putin on his re-election Wednesday, he made no mention of one of the latest irritants between Russia and the West — his administration's announcement that Russia successfully hacked the U.S. power grid.
The Department of Homeland Security and the FBI issued a joint alert last week: "Russian government cyber actors" have been targeting U.S. critical infrastructure sectors including energy, nuclear and commercial facilities, since at least March 2016.
The announcement came the same day as the U.S. imposed sanctions against 19 Russian individuals and five entities for interfering in the 2016 election and other cyber intrusions.
James Lewis, a cybersecurity expert and vice president of the Center for Strategic and International Studies, said the news Russia penetrated the energy grid does not exactly come as a surprise.
"The Russians have been doing this for years," Lewis said. "The change is that the U.S. government came out and said the Russians hacked the utilities."
The government informed electric companies last summer that Russia undertook what DHS calls a "multistage intrusion campaign" against the utilities, using common hacking techniques such as malware, and spear phishing. It was able to to gain access to at least one power plant's control system.
"They were not simply looking around that system and reconnoitering it," Joel Brenner, former head of counter intelligence under the Director of National Intelligence in the Obama administration, told NPR. "They were placing the tools that they would have to place in order to turn off the power. That's a serious vulnerability for us and we're not anywhere near ready to deal with it."
The Russians have targeted other countries' electrical grids, most notably Ukraine, in 2015, disrupting power for more than 200,000 people.
Scott Aaronson, vice president of security and preparedness at the Edison Electric Institute, which represents the nation's electric companies, said U.S. power companies have tried to learn from that attack.
Can Americans feel confident the U.S. grid is protected?
"Very much so," Aaronson claimed. "The electric power sector takes a lot of different measures to protect our systems."
That includes operating power plants without digital controls, just like in the old days, he said.
"I tell people one of the best ways to protect against a cyber threat is to not rely on cyber assets," Aaronson said, adding that the U.S. power grid "operated for the better part of the last century" without digital controls.
He also said utilities can "go back to a less-efficient means of operating but still keep the lights on."
Some power companies also block emails and other Internet traffic from outside the country.
But protecting the grid is complicated by its decentralized nature, with public utility commissions in 50 states exercising some control.
Critics say the Trump administration needs to take stronger steps to block these kinds of attacks from Russia. At a hearing Tuesday, Sen. Maria Cantwell, D-Wash. called the DHS alert a siren.
"Our energy infrastructure is under attack," Cantwell said. "It's under cyber-attack, and we need to do much more to protect it as a national critical asset."
Cantwell wants the Trump administration to do an assessment of Russian cyber attacks against the electric grid. The Department of Energy is establishing a new Office of Cybersecurity, Energy Security, and Emergency Response, that will focus on energy infrastructure security.
But any retaliation in response to Russia's cyber incursion would be up to President Trump.
But, as Brenner points out: "The president has not so far shown any inclination or any backbone in confronting repeated Russian provocations. And one can only ask why that is."
Brenner added that Russian President Vladimir Putin is "playing ju-jitsu with us."
"Nobody wants a war," he said, adding the hostilities taking place now "are in the gray space between war and peace."
CSIS' Lewis said absent a strong U.S. response to the Russian cyber incursions though, Russia is likely to continue its' behavior.
"The problem here is if we don't give the Russians the idea that doing something to us is bad, they may be tempted to do it," Lewis said.
And while sanctions can function as somewhat of a deterrent to further intrusions, they also may not be enough.