Russian hackers have recently been linked to cyberattacks targeting critical infrastructure in several foreign countries. This new information from the security firm FireEye has increased the anxiety level of U.S. officials who are responsible for protecting utilities in the United States. They are now concerned that our enemies may soon target U.S. utilities which may be vulnerable to cyberattacks.
FireEye this week released information saying that a Russian-linked research institute may have developed the malicious software that was used to shut down a Saudi petrochemical plant in 2017. Another research firm, ESET, confirmed earlier in October that it had discovered a new hacking group with ties to Russia that has targeted companies in both Ukraine and Poland.
American security officials have warned for several months that there could be a Russian cyber attack on the U.S. power grid. And now these new reports seem to prove that the threat is real as they show that the Russian hackers have demonstrated their abilities to cause chaos. The threat they pose to critical U.S. infrastructure is no longer the subject of hypothetical discussions.
The Department of Homeland Security (DHS) top cyber official, Chris Krebs, said this week that his department usually doesn’t comment on reports like that released by FireEye. He did confirm, however, that DHS does work closely with the Defense Department, U.S. Cyber Command and the National Security Agency when analysing the risks posed by foreign hackers to U.S. infrastructure assets.
“We always work to update our understanding of what the risks are to critical infrastructure and how we deal with global geopolitics,” Krebs said. “Things that could tip the balance, create a more larger profile for a certain sector, in this case, perhaps, elections.”
DHS said earlier this year that they have created a National Risk Management Center, which is intended to protect critical assets like the power grid from both cyber and physical threats.
U.S. Officials earlier this year said Russia had been carrying on a years-long campaign to invade the U.S. energy grid. In July DHS said that Russian hackers had been getting into the control rooms of U.S. utilities.
Even though the new reports disclose in detail Russia-tied activities in other nations, they also show the kinds of attacks Russia (or possibly other countries) could carry out in the United States.
The FireEye report found that the Russia-based lab helped created the malware used by a hacking group against the Saudi plant last year. It was the most direct connection yet to a Kremlin-linked group in an attack on another country’s infrastructure.
Plus, ESET researchers recently revealed that it had identified a new cyber espionage group that had targeted companies in Eastern Europe. They believe this group had attacked Ukraine’s critical infrastructure, and they believe it is also connected to Russia.
Security experts say that Russia uses Ukraine as a testing ground where they can see what kind of methods work well. This allows them to refine and enhance their hacking capabilities before targeting critical infrastructure in other countries. And these experts now say that the hacker have shown they have “serious capabilities” to disrupt power grids and other major utilities.
Energy Secretary Rick Perry testified before the Senate on the cyberattacks earlier this year. He said that his department is making “every effort to protect the electrical grid from those types of attacks.”
According to the U.S. officials, American utility companies have greatly improved the security for their systems over the past few years. However, there is also an awareness that they haven’t done enough to keep out Russian hackers. As one official said:
“I don’t think there’s any room for complacency, and there’s plenty of room for concern.”