The Trump administration accused Russia on Thursday of engineering a series of cyberattacks that targeted American and European nuclear power plants and water and electric systems, and could have sabotaged or shut power plants off at will.
United States officials and private security firms saw the attacks as a signal by Moscow that it could disrupt the West’s critical facilities in the event of a conflict.
They said the strikes accelerated in late 2015, at the same time the Russian interference in the American election was underway. The attackers had successfully compromised some operators in North America and Europe by spring 2017, after President Trump was inaugurated.
In the following months, according to a Department of Homeland Security report issued on Thursday, Russian hackers made their way to machines with access to critical control systems at power plants that were not identified. The hackers never went so far as to sabotage or shut down the computer systems that guide the operations of the plants.
Still, new computer screenshots released by the Department of Homeland Security on Thursday made clear that Russian state hackers had the foothold they would have needed to manipulate or shut down power plants.
“We now have evidence they’re sitting on the machines, connected to industrial control infrastructure, that allow them to effectively turn the power off or effect sabotage,” said Eric Chien, a security technology director at Symantec, a digital security firm.
“From what we can see, they were there. They have the ability to shut the power off. All that’s missing is some political motivation,” Mr. Chien said.
American intelligence agencies were aware of the attacks for the past year and a half, and the Department of Homeland Security and the F.B.I. first issued urgent warnings to utility companies in June. On Thursday, both agencies offered new details as the Trump administration imposed sanctions against Russian individuals and organizations it accused of election meddling and “malicious cyberattacks.”
It was the first time the administration officially named Russia as the perpetrator of the assaults. And it marked the third time in recent months that the White House, departing from its usual reluctance to publicly reveal intelligence, blamed foreign government forces for attacks on infrastructure in the United States. [Continue reading…]
Don’t miss the latest posts at Attention to the Unseen: Sign up for email updates.