Russia Hacked U.S. Power Grid — So What Will The Trump Administration Do About It?
When President Trump phoned Russian President Vladimir Putin to congratulate him on his re-election Wednesday, Trump made no mention of one of the latest irritants between Russia and the West — his administration's announcement that Russia successfully hacked the U.S. power grid.
The Department of Homeland Security and the FBI issued a joint alert last week: "Russian government cyber actors" have been targeting U.S. critical infrastructure sectors, including energy, nuclear and commercial facilities, since at least March 2016.
The announcement came the same day that the U.S. imposed sanctions against 19 Russian individuals and five entities for interfering in the 2016 election and for other cyber-intrusions.
James Lewis, a cybersecurity expert and vice president of the Center for Strategic and International Studies, said the news that Russia penetrated the energy grid does not exactly come as a surprise.
"The Russians have been doing this for years," Lewis said. "The change is that the U.S. government came out and said the Russians hacked the utilities."
The government informed electric companies last summer that Russia undertook what DHS calls a "multistage intrusion campaign" against the utilities, using common hacking techniques such as malware and spear-phishing. The hackers were able to to gain access to at least one power plant's control system.
"They were not simply looking around that system and reconnoitering it," Joel Brenner, head of counterintelligence under the Director of National Intelligence in the Obama administration, told NPR. "They were placing the tools that they would have to place in order to turn off the power. That's a serious vulnerability for us, and we're not anywhere near ready to deal with it."
The Russians have targeted other countries' electrical grids, most notably Ukraine in 2015, disrupting power for more than 200,000 people.
Scott Aaronson, vice president of security and preparedness at the Edison Electric Institute, which represents the nation's electric companies, said U.S. power companies have tried to learn from that attack.
Can Americans feel confident the U.S. grid is protected?
"Very much so," Aaronson said. "The electric power sector takes a lot of different measures to protect our systems."
That includes operating power plants without digital controls, just like in the old days, he said.
"I tell people one of the best ways to protect against a cyberthreat is to not rely on cyber assets," Aaronson said, adding that the U.S. power grid "operated for the better part of the last century" without digital controls.
He also said utilities can "go back to a less-efficient means of operating but still keep the lights on."
Some power companies also block emails and other Internet traffic from outside the country.
But protecting the grid is complicated because of its decentralized nature, with public utility commissions in 50 states exercising some control.
Critics say the Trump administration needs to take stronger steps to block these kinds of attacks from Russia. At a hearing Tuesday, Sen. Maria Cantwell, D-Wash., called the DHS alert a siren.
"Our energy infrastructure is under attack," Cantwell said. "It's under cyberattack, and we need to do much more to protect it as a national critical asset."
Cantwell wants the Trump administration to do an assessment of Russian cyberattacks against the electric grid. The Department of Energy is establishing an Office of Cybersecurity, Energy Security, and Emergency Response, which will focus on energy infrastructure security.
But any retaliation in response to Russia's cyber-incursion would be up to Trump.
But, as Brenner points out: "The president has not so far shown any inclination or any backbone in confronting repeated Russian provocations. And one can only ask why that is."
Brenner added that Putin is "playing jiu-jitsu with us."
"Nobody wants a war," he said, adding the hostilities taking place now "are in the gray space between war and peace."
CSIS' Lewis said that absent a strong U.S. response to the Russian cyber-incursions though, Russia is likely to continue its behavior.
"The problem here is if we don't give the Russians the idea that doing something to us is bad, they may be tempted to do it," Lewis said.
And while sanctions can function as somewhat of a deterrent to further intrusions, they may not be enough.
Copyright 2020 NPR. To see more, visit https://www.npr.org.