The Russia connection

Russia planted sabotage-enabling malware in U.S. energy grid, other critical infrastructure

Published 16 March 2018

Russia has not only attacked the infrastructure of American democracy: The U.S. government now says that Russia has engaged in a pervasive, wide-ranging cyber-assault on the U.S. energy grid and other key components of the U.S. critical infrastructure. These sustained attacks on U.S. critical infrastructure, along with the Russian interference in the 2016 election and the Russian-launched NotPetya malware, were the reasons the administration on Thursday imposed a new round of sanctions on Russia.

The sanctions the administration imposed on Thursday, though, still fall short of the sanctions enacted into law by Congress last August, which were supposed to be imposed by 31 January. Trump reluctantly signed the sanctions bill, but refused to order the implementation of the sanctions.

Most of the sanctions announced on Thursday were prepared by the Obama administration in December 2016, and were left for the incoming Trump administration to implement.

The New York Times reports that U.S. officials said that malware written by Russian government hackers had been found in the operating systems of several organizations and companies in the U.S. energy, nuclear power and processing, water, and “critical manufacturing” sectors. The officials said that with the help of sophisticated digital forensic methods, the malware as well as other forms of cyberattack had been traced back to Moscow.

“Russia’s behavior continues to trouble us and we are continuing to push back in meaningful ways,” a senior national security official said.

The FBI and the DHS jointly issued an alert, calling on firms in the affected critical infrastructure sectors to thoroughly review and upgrade their cybersecurity. The alert said the concerted Russian cyberattack on U.S. infrastructure began in March 2016.

“It is the judgment of the DHS that Russian government cyberhackers were behind the hacking of organizations in the energy sector,” a senior official said, adding that it was clear that the cyberattack was coordinated at the highest levels of the Russian government and that the attacks “deliberately targeted” critical infrastructure assets.

Senior U.S. intelligence and security officials told the Times that the initial motive for the Russian cyberattack was surveillance, aiming to allow Russian intelligence to gather information on computer management systems throughout the U.S. energy sector.