US Energy Infrastructure Vulnerable to Hack Attack

January 15, 2018

nuclear

One of climate denialdom’s greatest hits is, how expensive it will be to convert our energy infrastructure to renewables.  Forget that continuing with a fossil economy will cost even more. One key piece of the system has to be upgraded no matter what direction we choose.

Our electrical grid is rapidly descending into developing world quality, and no longer adequate to serve a 21st century economy, be resilient to increases in climate extremes, or defend against increasingly sophisticated enemies.

The  improvements needed for a distributed, renewable grid, are much the same as those needed to harden the country against a new generation of threats, both military and climatic.

Washington Post:

Russian government hackers were behind recent cyber-intrusions into the business systems of U.S. nuclear power and other energy companies in what appears to be an effort to assess their networks, according to U.S. government officials.

The U.S. officials said there is no evidence the hackers breached or disrupted the core systems controlling operations at the plants, so the public was not at risk. Rather, they said, the hackers broke into systems dealing with business and administrative tasks, such as personnel.

At the end of June, the FBI and the Department of Homeland Security sent a joint alert to the energy sector stating that “advanced, persistent threat actors” — a euphemism for sophisticated foreign hackers — were stealing network log-in and password information to gain a foothold in company networks. The agencies did not name Russia.

The campaign marks the first time Russian government hackers are known to have wormed their way into the networks of American nuclear power companies, several U.S. and industry officials said. And the penetration could be a sign that Russia is seeking to lay the groundwork for more damaging hacks.

Sara Kendzior in Fast Company:

On June 13, 2017, Attorney General Jeff Sessions testified to the Senate Intelligence committee about Russian interference in the 2016 presidential election. After fielding hours of questions about his knowledge of the plot, Sessions was greeted by an abrupt change in topic from Senator John McCain. “Quietly, the Kremlin has been trying to map the United States telecommunications infrastructure,” McCain announced, and described a series of alarming moves, including Russian spies monitoring the fiber optic network in Kansas and Russia’s creation of “a cyber weapon that can disrupt the United States power grids and telecommunications infrastructure.”

When McCain asked if Sessions had a strategy to counter Russia’s attacks, Sessions admitted they did not.

In a normal year, McCain’s inquiries about documented, dangerous threats to U.S. infrastructure would have dominated the news. His concerns are well founded: in recent years, Ukraine’s power grid has been repeatedly hacked in what cybersecurity experts believe was part a test run for the United States. Russian hackers have also hacked many centers of U.S. power, including the State Department, the White House, and everyone with a Yahoo email address in 2014, the Department of Defense in 2015, and, of course, the Democratic National Committee, Republican National Committeestate and local voter databases, and personal email accounts of various US officials in 2016.

In September, security firm Symantec said it had notified more than 100 energy companies in the U.S., Turkey, Switzerland, Afghanistan, and elsewhere about Dragonfly 2.0—a set of intrusions into industrial and energy-related companies suspected to originate in Russia. Using targeted phishing emails and compromised websites designed to capture users’ credentials, the hackers gained access in some cases not just to front-office networks but to “operational machines.” As a Symantec security analyst told Fast Company, “We’re talking about machines that are controlling elements that are plugged into the power grid.” A month later, the Dept. of Homeland Security and FBI warned critical infrastructure providers in nuclear, energy, and other key sectors about the ongoing attacks, noting that “threat actors are actively pursuing their ultimate objectives over a long-term campaign.”

Despite the increasingly clarity and severity of Russia’s intentions, Trump said in July after a meeting at the G20 that he believes Vladimir Putin “that when he tells me [Russia didn’t carry out cyberattacks ahead of the U.S. election], he means it.” (He later stated “I am with our [intelligence] agencies, especially as currently constituted with the leadership.”) And while his administration has done little in response, he did offer to partner with our attackers. After the G20, Trump tweeted: “Putin & I discussed forming an impenetrable Cyber Security unit so that election hacking, & many other negative things, will be guarded.” Kremlin officials later verified that, yes, this actually happened.

While this plan has thankfully not come to fruition (that we know of), the fact that it was even floated showcases the fundamental obstacle in keeping U.S. infrastructure protected from foreign threats. Trump’s deference to the Kremlin–one of his few unwavering stances over the decades—remains even after years of Russian hacks, likely in part because Russian hacks helped put him into office.

As a result, Americans remain unprotected, and the true extent of Kremlin leverage over the U.S. government remains unknown. In August, a quarter of the president’s National Infrastructure Advisory Council quit their posts, saying that the president had devoted “insufficient attention” to cybersecurity threats to critical infrastructure. A report on Russian interference released this week by Senate Democrats highlighted “President Trump’s refusal to publicly acknowledge the threat posed by the Russian government,” and offers over 30 recommendations to protect the country’s elections and infrastructure, including new sanctions to punish states that initiate cyberattacks and an international summit meeting focused on such threats.

Though Trump signed an executive order vowing stronger cybersecurity in May, the administration did nothing substantial until December, when it released a document noting the threats to infrastructure and vaguely vowing that hackers from a number of countries–including China, North Korea, Iran, and Russia–will be defeated. Notably, in the document, elections were no longer counted as part of “critical infrastructure,” despite President Obama designating them as such shortly before he left office–another indicator that the Trump administration’s unwillingness to take on Russian hacks is marred by self-protection and partisanship.

The Fast Company article is longer, but deserves a read.

 

Advertisements

2 Responses to “US Energy Infrastructure Vulnerable to Hack Attack”

  1. grindupbaker Says:

    I seriously doubt that public communications lines will be used for critical safety systems remote control or monitoring for a while yet but I suppose eventually it’s likely enough when the famous “we’ve studied this and there’s zero chance of failure or breach” is asserted (or SIL level 3, 9,999 years) because private Arpnets must be very expensive. I did programs 1977 linking our Toronto, Montreal, Vancouver computers in Datapac 3000 public (x.25 protocol), monitoring only 82 NYCHA elevators in South Bronx from their office 1980 over dial-up modem, monitoring & controlling elevators in Portland Oregon from Toronto, Ontario for testing 1985 over dial-up modem and monitoring only Toronto TTC subway equipment 1995 from their office using their private wiring in subway system tunnels.

    I think the “Millenium bug” date thing was probably mostly a highly-profitable semi-scam (and infotainment) to have armies of computer programmers at high p.d. rates pore through millions of lines of poor-quality code (a nice easy job) to find parts in payroll and banking programs that used some stupid decimal-encoded date calculations. No way critical safety systems (aircraft control or whatever) would be trusted to incompetent, flaky computer programs like that. All my computer programs used binary date encoding & calculation good for 89 years (2**15 days) following the first date required.

    This public internet is quite the Pandora’s Box though. When the temptation to use it for critical safety systems becomes overwhelming then it’ll be a brave new world.


Leave a Reply

Please log in using one of these methods to post your comment:

WordPress.com Logo

You are commenting using your WordPress.com account. Log Out /  Change )

Google+ photo

You are commenting using your Google+ account. Log Out /  Change )

Twitter picture

You are commenting using your Twitter account. Log Out /  Change )

Facebook photo

You are commenting using your Facebook account. Log Out /  Change )

w

Connecting to %s

%d bloggers like this: