Russia's power grid is an easy target for U.S. hacking

A report in the New York Times that the U.S. Cyber Command has intensified secret efforts to hack the Russian power grid is less interesting for its content than because of U.S. officials' apparent cooperation in publicizing the activity. Like any power grid undergoing a digital transformation, the Russian one is quite hackable, but why would the U.S. want public discussion of the matter?
Kaspersky Lab JSC, the cyber security firm, has been running grid equipment hacking contests for years. In 2016, a hacking group from Yekaterinburg described in a blog post how it won points in the competition by taking over a substation and causing a short circuit on a power transmission line, without any prior knowledge of the specific industrial system or even much general understanding about how substations work. Russian researchers have identified numerous vulnerabilities in so-called smart grid equipment, which constantly analyzes consumption data and helps manage systems flexibly and efficiently. Many elements of electrical grids are accessible from the internet. A relatively successful, and likely Russian, attack that shut down 27 substations in Ukraine in 2015 showed that primitive methods like sending spear-phishing emails to employees of regional energy companies are effective in getting hackers into parts of national grids.

The Russian grid is particularly vulnerable for several reasons. First, it's vast. Russian Grids PJSC runs 2.35 million kilometers of transmission lines and 507,000 substations. Second, it's in the process of an ambitious digital transformation. The state-controlled company's digitization plan, adopted last year, is meant to achieve major cuts in transmission losses and breakdown numbers by 2030. The plan talks about creating a cyber security unit, but that's a work in progress. As my colleague David Fickling has pointed out, making a grid smart creates new avenues of attack, and big technology rollouts can be messy and increase the risks. In the case of Russia, the problem is exacerbated by the Western origin of three quarters of all the equipment and pretty much all of the software. If U.S. intelligence puts in the implants before the equipment is supplied or en route, there's no guarantee they can be detected.
In other words, securing the Russian grid is a mammoth task even with Russians' superior expertise when it comes to detecting (and likely exploiting) vulnerabilities. U.S. cyber attacks are certainly possible. How crippling they can be is another matter. The 2015 attack on the Ukrainian regional energy companies left some 225,000 customers without electricity for a few hours; that's not a lot of damage given the wide array of techniques involved (the attackers even flooded an energy company's call center with automated calls to make it impossible for customers to report outages). Unless critical equipment is irreparably damaged, it's usually possible to switch to manual mode, which is what the Ukrainians did.
It would be naive, however, to think the Russian government hasn't been worried about U.S. cyber attacks on the country's critical infrastructure. So President Donald Trump's vehement reaction to the New York Times story (he called publishing it a virtual act of treason in a tweet) is a little overdone. What's more telling, though, is the newspaper's response: It says the Times described the article to the government before publication and got no objections.

This raises the question of what purpose the article might serve for the government officials who talked to the newspaper and those who vetted the publication. My theory is that they wanted to send a message to the Kremlin, but not specifically that the Cyber Command has increased its activity in the Russian power grid. The Russian political leadership, intelligence and cyber security professionals are already aware of these efforts.
Rather, the message concerns the approval procedure for the offensive efforts. The Times story says they occur under new, obscure legislation passed by Congress last summer that allows the defense secretary to authorize clandestine military activity in cyberspace without going to the president for approval. It's one thing for the Russians to know the U.S. is working to infiltrate their country's infrastructure, but quite another to be aware that intrusions and attacks don't require White House approval and can happen routinely and without much ado. The U.S. officials are effectively telling Russian President Vladimir Putin not to remonstrate with Trump in case of attack: the U.S. president may not even know what's happening, and it'll be perfectly legal.
Read the original text at Bloomberg Opinion.