US spooks flex cyber muscles with Russia
Russia has conceded that it is “possible” its power grid is under US cyber-attack as a leaked story from the Washington security establishment pointed to agents’ ability to act without presidential approval.
The Kremlin’s presidential spokesman Dmitry Peskov said the weekend’s New York Times report about computer viruses on its electrical grid was a “hypothetical possibility”.
The newspaper report said US “code” had been deployed across the Russian energy network partly in response to Moscow’s disinformation and hacking campaigns during western elections.
The Times said “implants” or malware had been placed in networks managing the power grid that could be activated during a military conflict.
Peskov pointed out Donald Trump had dismissed the allegations as “fake news”.
He told the media: “If one assumes that some government agencies do this without informing the head of state, then of course this may indicate that cyber war against Russia might be a hypothetical possibility.”
The Kremlin representative noted that “vital areas” of the Russian economy were under continuous attack but the repeated intrusions had been countered.
Bloomberg said Russia had extensive expertise in hacking power grids.
An opinion piece said the Kaspersky Lab cyber-security firm had been running grid hacking contests for years. “In 2016, a hacking group from Yekaterinburg described in a blog post how it won points in the competition by taking over a substation and causing a short circuit on a power transmission line, without any prior knowledge of the specific industrial system or even much general understanding about how substations work,” Bloomberg’s Leonid Bershidsky argued.
Russia has targeted smart-grid equipment, which analyses consumption and helps manage grids flexibly and efficiently.
A 2015 attack that was blamed on Russia managed to shut down 27 substations in Ukraine using phishing emails sent to Ukrainian power grid staff.
Russia’s grid is susceptible to a cyber-attacks, partly because of its vast scale. Russian Grids manages 2.35 million km of transmission lines and about 507,000 substations.
The Bloomberg piece asked why the US security services wanted to publicise US efforts to hack Russia’s grid.
Thomas Rid, a political scientist at Johns Hopkins school of international studies, said it made no sense to reveal the US strategy because “publicity burns capabilities”.
The Times story meant the Russian authorities would search the power network extensively for malware, Rid said.
But Bershidsky said the US security services probably wanted to remind the Kremlin of their freedom to act.
The National Defence Authorisation Act, passed by the US Congress last year, allows the defence secretary to authorise “clandestine military activity” without presidential approval.
The malicious code was reportedly placed by the US Cyber Command, a team of military hackers which is permitted to target computer networks under the 2018 act.
Russia’s infrastructure needs extensive modernisation. Picture credit: Flickr