US: Russia hacks energy grid, critical infrastructure
Washington – The Trump administration accused Russia on Thursday of a concerted operation to hack the U.S. energy grid and other critical infrastructure including aviation, and separately imposed sanctions on a raft of Russian officials for alleged high-tech interference in the 2016 American presidential election.
The moves were the strongest to date against Russia by the administration, which critics have complained is being soft on Moscow.
U.S. national security officials said the FBI, Department of Homeland Security and intelligence agencies had determined that Russian intelligence and others were behind a broad range of cyberattacks beginning a year ago that have infiltrated the energy, nuclear, commercial, water, aviation and manufacturing sectors.
The officials said the Russian hackers chose their targets, obtained access to computer systems, conducted “network reconnaissance” of systems that control key elements of the U.S. economy and then attempted to cover their tracks by deleting evidence of their infiltration.
The U.S. government has helped the industries kick out the Russians from all systems currently known to have been penetrated, according to the officials, but the efforts continue. The officials, who briefed reporters on condition of anonymity to discuss sensitive national security information, left open the possibility of discovering more breaches, and said the federal government was issuing an alert to the energy industry to raise awareness about the threat and improve preparation.
That alert, published online by Homeland Security, said the hacking effort was a “multi-stage intrusion campaign by Russian government cyber actors who targeted small commercial facilities’ networks” to gain access and plant malware, which was then used to monitor activity as well as to move laterally into other, larger industrial control systems.
It also said the hackers exploited open-source material from companies’ public websites to mine seemingly innocuous information that was later used to infiltrate networks. In one case, the alert said, hackers downloaded a small image from a company’s human resources page that when blown up was actually “a high-resolution photo that displayed control systems equipment models and status information in the background.”
The accusations and accompanying Russian sanctions were the most severe yet by the Trump administration in connection with hacking and other efforts to sow discord in America’s democracy and compromise its infrastructure.
Also Thursday, President Donald Trump, who has been publicly skeptical of the election allegations, joined the leaders of Britain, France and Germany in a joint statement blaming Moscow for the poisoning of an ex-Russian spy who was living in England.
Reaction from Russia was swift.
Deputy Foreign Minister Sergei Ryabkov said Moscow was greeting the sanctions calmly, but he warned that Russia had already started “to prepare a response.” He suggested the Trump administration had timed the sanctions to come ahead of this weekend’s presidential election in Russia, in which President Vladimir Putin is expected to win an overwhelming victory.
“It is tied to U.S. internal disorder, tied of course to our electoral calendar,” Ryabkov was quoted as saying by the Russian state news agency Tass.
The list of Russians now under U.S. sanctions includes the 13 indicted last month by U.S. special counsel Robert Mueller as part of his Russia-related investigation into alleged election interference. The sanctions are the first use of the new powers that Congress passed last year to punish Moscow for meddling in an election that Trump won over Democrat Hillary Clinton.
“These targeted sanctions are a part of a broader effort to address the ongoing nefarious attacks emanating from Russia,” Treasury Secretary Steven Mnuchin said. He said others would face punishment in the future under the new sanctions law “to hold Russian government officials and oligarchs accountable for their destabilizing activities.”
Altogether, 19 Russians were cited. Also sanctioned were five Russian companies, including the Internet Research Agency, which is accused of orchestrating a mass online disinformation campaign to affect the presidential election result.
The U.S. Treasury Department announced the sanctions amid withering criticism accusing Trump and his administration of failing to use its congressionally mandated authority to punish Russia. The sanction targets include officials working for the Russian military intelligence agency GRU.
Thursday’s action freezes any assets the individuals and entities may have in the United States and bars Americans from doing business with them.
The Treasury Department said the GRU and Russia’s military both interfered in the 2016 election and were “directly responsible” for the NotPetya cyberattack that hit businesses across Europe in June 2017, causing billions of dollars in damage by disrupting global shipping, trade and medicine production. It noted that the attack caused several U.S. hospitals to be unable to create electronic medical records for more than a week.
Among those affected was Yevgeny Prigozhin, who is known as “Putin’s chef” and who ran the St. Petersburg-based Internet Research Agency, and 12 of the agency’s employees. They were included in Mueller’s indictment last month.
The agency “tampered with, altered or caused a misappropriation of information with the purpose or effect of interfering with or undermining election processes and institutions,” specifically the 2016 U.S. presidential race.
“The IRA created and managed a vast number of fake online personas that posed as legitimate U.S. persons to include grass-roots organizations, interest groups and a state political party on social media,” the Treasury Department statement said. “Through this activity, the IRA posted thousands of ads that reached millions of people online.”
The sanctions also affect the Russian Federal Security Service, or FSB, and six of its employees for cyberattacks more broadly, including those targeting Russian journalists, opposition figures, foreign politicians and U.S. officials. The Americans include members of the diplomatic corps, the military and White House staffers.