Russian attacks on energy grid spark alarm

Russian attacks on energy grid spark alarm
© Getty

Revelations about Russian cyberattacks on the U.S. energy grid are sparking new fears in Washington about the growing threat to the energy sector.

The developments have some officials worried that Moscow or another nation state could execute a disruptive cyberattack targeting the U.S. power grid.

"The next Dec. 7 won't be airplanes and torpedoes coming at Pearl Harbor, it's going to be triggered with an attack on our energy grid with rolling blackouts and chaos," Rep. Don Bacon (R-Neb.), a member of the House Homeland Security Committee, said this week. 

Officials with the Department of Homeland Security and FBI revealed last week that Russian hackers have staged cyberattacks against the energy sector and other critical infrastructure since 2016. They linked a coordinated hacking campaign the security community had been tracking for months to the Russian government.

ADVERTISEMENT

Officials issued a public alert describing how hackers penetrated commercial entities on the fringes of the energy sector to compromise their intended victims. They were ultimately able to gain access to information on industrial control systems, technology used to power critical services like electric power and water.

In one case, hackers remotely accessed a human-machine interface, a device used by individuals to operate large industrial control systems — meaning they could have shut off power.

"They were on machines that were on the operational network that had the control panel not only monitoring but also control for systems that were generating power, generating electricity," Eric Chien, technical director at cybersecurity firm Symantec, said.

Lawmakers and other officials in Washington have sounded the alarm about potential cyber threats to the energy grid over the last year, after attacks took down power in parts of Ukraine in 2015 and 2016. Moscow is suspected in both attacks.

Newly identified strains of malware targeting industrial control systems — which are very rare — have underscored the threat. Last June, researchers released details on the malware linked to the 2016 attack in Ukraine. And in December, security firms identified malware targeting safety systems manufactured by Schneider Electric that shut down operations at an unknown industrial plant in the Middle East.

Experts note that the decentralized nature of the U.S. power grid — which is itself comprised of many small grids — means that it would take several simultaneous cyberattacks to take down power across a wide swath of the country.

But the latest revelations of Russian attacks spurred new concerns about the ability of hackers to breach power systems and other critical infrastructure, which are largely owned and operated by private companies.

"I am very much concerned, not only [about] Russia but any enemy, domestic enemy or foreign enemy," Rep. Bobby RushBobby Lee RushBlack Dem lawmaker slams NRA rep for saying she was victim of 'public lynching' at CNN event Overnight Health Care — Presented by the Association of American Medical Colleges — Key ObamaCare groups in limbo | Opioids sending thousands of kids into foster care | House passes bill allowing Medicaid to pay for opioid treatments House passes bill allowing Medicaid to pay for certain opioid, cocaine treatment MORE (D-Ill.), who sits on the House Energy and Commerce Committee, told The Hill. "Our energy sector is very vulnerable to invasive attacks."

The alert issued last week suggests that the Russians were collecting intelligence on control systems that could ultimately be used to stage disruptive or destructive attacks.

Those threats have been noticed at the Department of Energy, which last month announced plans to create a new office devoted to cybersecurity and energy security. The department's cyber funds would get a boost under President TrumpDonald John TrumpGillibrand urges opposition to Kavanaugh: Fight for abortion rights 'is now or never' Trump claims tariffs on foreign nations will rescue US steel industry: report Bannon announces pro-Trump movie, operation team ahead of midterms: report MORE's proposed fiscal 2019 budget, amid cuts to other programs.

In recent months, the Federal Energy Regulatory Commission, which sets mandatory standards for grid operators, has also proposed a series of new rules governing cybersecurity and cyber incident reporting.

Energy Secretary Rick PerryJames (Rick) Richard PerryOvernight Energy: Trump Cabinet officials head west | Zinke says California fires are not 'a debate about climate change' | Perry tours North Dakota coal mine | EPA chief meets industry leaders in Iowa to discuss ethanol mandate Perry: US to become net energy exporter within 18 months New Homeland Security unit will battle threats to critical U.S. assets MORE addressed the Russian cyberattacks on Thursday during a Senate Armed Services Committee hearing. Perry assured lawmakers the Trump administration was taking steps to stop attacks on the grid, though he refused to go into detail in a public setting.

"We're making, I think, every effort to protect the electrical grid from those types of attacks," Perry said.

When asked by Sen. Richard Blumenthal (D-Conn.) if the attacks were an act of war, Perry said he would "tend to agree."

Protecting the grid requires the Energy Department to coordinate with private companies in the energy sector and the Department of Homeland Security, which is responsible for protecting critical infrastructure from cyber and physical threats.   

Rep. John RatcliffeJohn Lee RatcliffeKey conservative: Republicans should focus on Sessions, not Rosenstein GOP lawmakers introduce articles of impeachment against Rosenstein Hillicon Valley: Senators working on new Russia sanctions bill | Defense bill includes cyber warfare policy | Hatch tells Google he's still alive | Dem wants tech execs back before Congress | Facebook gets foothold in China MORE (R-Texas), who heads the Homeland Security subcommittee focused on cyber issues, told The Hill that his panel would examine the Russian attacks as part of its oversight role. Still, he expressed confidence that Homeland Security is responding adequately to the threat, citing the cyber expertise of Kirstjen NielsenKirstjen Michele NielsenHillicon Valley: Trump revokes Brennan's security clearance | Twitter cracks down on InfoWars | AT&T hit with crypto lawsuit | DHS hosts election security exercise Overnight Health Care: Arkansas Medicaid work rules could cost thousands coverage | Record number of overdose deaths in 2017 | Dems demand immediate reunification of separated children Senate Dems demand immediate reunification of remaining separated children MORE, the department's new secretary.

"We're constantly following up when we get reports like that," Ratcliffe said.

"The Department of Homeland Security has never had more cyber expertise than it has right now," Ratcliffe added. "For all of the concerns about Russian meddling into our election and more generally into our critical infrastructure, we're better equipped to deal with it than we've been at any point in the past."

Rep. Fred UptonFrederick (Fred) Stephen UptonKey primaries in August will help shape midterms Energy security must be high on the agenda Paul Ryan would be ‘perfect fit’ to lead AEI, Republicans say MORE (R-Mich.), chairman of the House Energy and Commerce subcommittee on energy, in an interview said he plans to make cybersecurity a big focus of an upcoming April 12 hearing with Perry.

The Russian grid attacks have widely been viewed in the context of Moscow's interference in the 2016 presidential election. The Trump administration disclosed the energy sector attacks when unveiling new sanctions on Moscow for meddling in the election and executing the global NotPetya malware attack last summer.

Still, the threat to the energy sector extends beyond Moscow. 

On Friday, U.S. officials indicted and sanctioned nine Iranian hackers for breaching hundreds of universities and other organizations to steal information on behalf of Iran's government and for financial gain.

One of their targets, officials said, was the Federal Energy Regulatory Commission.

"That is the agency that regulates the interstate transmission of electricity, natural gas and oil," Geoffrey Berman, U.S. attorney for the southern district of New York, said Friday.

"That agency has details of some of this country's most sensitive infrastructure."

Timothy Cama contributed.