
In Latest Cyber-Attacks on U.S. Soil, Russian Hackers Target U.S. Power Plants

With all the furor about Russians meddling in US elections not too long ago, one would be forgiven for thinking such incidents were a one-off. Incredibly, as recently as March 15, the US government released a report citing Russian hacking incidents meant to infiltrate America’s ‘critical infrastructure’. This includes water facilities, nuclear generators, and power plants.

The report was a combined effort by the Federal Bureau of Investigation and the Department of Homeland Security. In it, they detail that Russian hackers managed to access computers in the aforementioned critical infrastructure industries. From there, they were able to access login and password credentials, plus information contained therein about energy generation.

Russian cyber attacks surged last year, starting three months after Mr. Trump took office.

The report, however, does not explain at length whether the said facilities were visibly incapacitated. Still, the brazen nature of the attack could set up future attacks that inflict more damage.

Speaking after the cyber-attack was made public, Energy Secretary Rick Perry told fellow lawmakers that these types of attacks are increasing rapidly, in the range of hundreds of thousands every single day. He made a point of urging the Department of Energy to create a department to deal with emergencies and cybersecurity issues that may arise. Having such an office in place would prepare the Department of Energy to anticipate and curb future risks, according to the lawmaker.

Distractions

Russian attacks on the Ukrainian power grid in 2015 and 2016 left more than 200,000 citizens in the dark

While the hacking news is major, it somehow got lost in many people’s feed thanks to other news. Most of the news was littered with talk about Trump’s staffing drama and the Stormy Daniels saga. All these events happened at around the same time.

Nevertheless, the news is major since it is the first time the US government has explicitly blamed the Russian government for its role in the attacks on the US energy infrastructure. The move is a bold one since it strategically allows the US to deal with Russia as a country instead of focusing on specific hackers.

By taking issue with Russian intelligence agencies at the Kremlin, the US has sent out a warning about possible ramifications in future should such attacks recur. Calling them out also sends a message that the US is willing to sanction high-ranking members of Russian intelligence agencies for actions committed by their subordinates.

In doing so, the US is effectively combating future incidents of the same kind, because attacks become riskier not just for the hackers but also for their bosses in government. This includes anyone who authorizes cyber attacks.

Tactics

Recently, the British health system and computers in schools, businesses, and homes around the world were paralyzed by the ‘WannaCry’ Ransomware attack

The Russian hackers used a couple of intelligent methods to gain access to critical US energy infrastructure. One of the techniques is known as ‘spear phishing’. Here, employees open emails that appear to come from familiar people and share information with them. In truth, most of the emails from those ‘familiar people’ actually originated from Russia. They simply hacked the system bitwise.

Water holing was another technique they employed. The hackers altered specifics of websites that people in the energy industry frequent. By doing so, they were able to collect sensitive data like login credentials and passwords, straight from the source.

Downloads were another area the Russian hackers focused on. Users were prompted to download alluring Word documents that, in truth, hid their real intent. The documents were malicious, since they provided the hackers with backdoor access to the computers they were opened on.

Once the hackers had access, they were able to create administrator accounts. Such accounts allowed the installation of more malware on the networks. Unsurprisingly, the Russian hackers were able to cover their tracks through intelligent coding. The code allowed the system to automatically log out of the administrator accounts every eight hours. Thus, they became almost untraceable to the untrained eye.
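The account-creation step described above is one of the few points in this chain that leaves a clear audit trail. As an added example (not taken from the report or the original article), the following defender-side rule flags accounts that are created and then placed in the Administrators group shortly afterwards. Event IDs 4720 and 4732 are standard Windows Security log IDs; the flat record layout, host names, account names and the one-hour window are assumptions made for this example.

```python
from datetime import datetime, timedelta

ACCOUNT_CREATED = 4720       # Windows Security log: a user account was created
ADDED_TO_LOCAL_GROUP = 4732  # Windows Security log: member added to a local group
PRIVILEGED_GROUPS = {"Administrators"}

# Constructed sample records. The flat dict layout and every host/account
# name are assumptions for this example, not a real export format.
SAMPLE_EVENTS = [
    {"time": "2018-03-01T02:14:05", "id": 4720, "host": "HMI-01",
     "actor": "jsmith", "target": "svc_backup2"},
    {"time": "2018-03-01T02:14:40", "id": 4732, "host": "HMI-01",
     "actor": "jsmith", "target": "svc_backup2", "group": "Administrators"},
    {"time": "2018-03-01T09:00:00", "id": 4720, "host": "WS-17",
     "actor": "helpdesk", "target": "newhire"},
    {"time": "2018-03-01T09:05:00", "id": 4732, "host": "WS-17",
     "actor": "helpdesk", "target": "newhire", "group": "Remote Desktop Users"},
    {"time": "2018-03-03T11:00:00", "id": 4732, "host": "WS-17",
     "actor": "helpdesk", "target": "newhire", "group": "Administrators"},
]

def find_new_admin_accounts(events, window=timedelta(hours=1), approved_actors=()):
    """Flag accounts that are created and then placed in a privileged group
    on the same host within `window`, unless approved actors did both steps."""
    created = {}   # (host, account) -> (creation time, creating actor)
    findings = []
    for ev in sorted(events, key=lambda e: datetime.fromisoformat(e["time"])):
        when = datetime.fromisoformat(ev["time"])
        key = (ev["host"], ev["target"].lower())
        if ev["id"] == ACCOUNT_CREATED:
            created[key] = (when, ev["actor"])
        elif ev["id"] == ADDED_TO_LOCAL_GROUP and ev.get("group") in PRIVILEGED_GROUPS:
            if key not in created:
                continue  # pre-existing account: out of scope for this rule
            born, creator = created[key]
            if when - born > window:
                continue  # promoted long after creation
            if creator in approved_actors and ev["actor"] in approved_actors:
                continue  # sanctioned provisioning workflow
            findings.append({"host": ev["host"], "account": ev["target"],
                             "created_by": creator, "promoted_by": ev["actor"],
                             "delay_seconds": int((when - born).total_seconds())})
    return findings

if __name__ == "__main__":
    for hit in find_new_admin_accounts(SAMPLE_EVENTS):
        print(hit)
```

On the constructed sample, only the account created and promoted within 35 seconds on `HMI-01` is flagged; widening `window` trades fewer misses for more noise from routine provisioning.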

Launch Pad

While the listed techniques the Russian hackers used to infiltrate the energy industry were brilliant, they are no different in nature from most attacks. They were, however, much more effective due to improved targeting and focused intelligence.

No apparent sabotage was achieved, though. The US state agencies have nevertheless decided to take the move by the Russian hackers as a warning. The bold cyberattacks were meant to send out a warning about the possible threats Russians could inflict on the US nation. Their extensive reach could cripple critical infrastructure in case of disagreements.
