The Trump administration put to bed any lingering notions of Russian collusion by leveling accusations at Russia of hacking our power grid with a years-long cyber attack campaign. This was a public accusation and nuked the meme that Trump favors the Russians over his own country.
The administration issued a security alert detailing Russia’s orchestrated attempts to hack into our energy grid via government-employed hackers. The technical alert, a result of analyses by the Department of Homeland Security and the FBI, concluded that the Russian government conducted a “multi-stage intrusion campaign” targeting: “U.S. Government entities as well as organizations in the energy, nuclear, commercial facilities, water, aviation, and critical manufacturing sectors.”
“DHS and FBI characterize this activity as a multi-stage intrusion campaign by Russian government cyber actors who targeted small commercial facilities’ networks where they staged malware, conducted spear phishing, and gained remote access into energy sector networks,” the alert’s overview reads. “After obtaining access, the Russian government cyber actors conducted network reconnaissance, moved laterally, and collected information pertaining to Industrial Control Systems (ICS).” It has long been known that Russia was doing this, but this is the first public statement accusing them of it.
This has been going on since March 2016 and probably long before that. “This campaign comprises two distinct categories of victims: staging and intended targets,” the alert explains. “The initial victims are peripheral organizations such as trusted third-party suppliers with less secure networks, referred to as ‘staging targets’ throughout this alert. The threat actors used the staging targets’ networks as pivot points and malware repositories when targeting their final intended victims. NCCIC and FBI judge the ultimate objective of the actors is to compromise organizational networks, also referred to as the ‘intended target.'”
Energy Secretary Rick Perry is leading the charge here and this is just the beginning. The report lists the following hacking methods employed by Russia:
- Spear-phishing emails (from compromised legitimate account),
- watering-hole domains,
- credential gathering,
- open-source and network reconnaissance,
- host-based exploitation, and
- targeting industrial control system (ICS) infrastructure.
The alert gives specific examples on how companies were targeted and attacked by campaigns. It also covers best practices for protecting against these types of attacks. The attacks are historic in nature and constitute an ongoing act of war:
The decision by the United States to publicly attribute hacking attempts of American critical infrastructure was “unprecedented and extraordinary,” said Amit Yoran, a former U.S. official who founded DHS’s Computer Emergency Response Team.
“I have never seen anything like this,” said Yoran, now chief executive of the cyber firm Tenable, said. […] U.S. officials have historically been reluctant to call out such activity in part because the United States also spies on infrastructure in other parts of the world.
Russia was just slapped with sanctions by the Trump administration over 19 Russians and their roles in meddling in the 2016 election. “We’re going to be tough on Russia until they decide to change their behavior,” White House spokeswoman Sarah Huckabee Sanders told reporters. This came just one day after U.S. Ambassador to the U.N. Nikki Haley slammed the Russians for a nerve agent attack against a former spy and warned that Russia might one day use chemical weapons against the U.S. “If we don’t take immediate concrete measures to address this now, Salisbury will not be the last place we see chemical weapons used,” Haley told the U.N. Security Council. “They could be used here in New York, or in cities of any country that sits on this Council. This is a defining moment.”
This is a major ratcheting up of tensions between the U.S. and Russia over cybersecurity. Hackers penetrated targeted companies to a surprising degree, including copying information that could be used to gain access to the computer systems that control power plants. It’s the kind of access that experts say would have given Moscow the ability to turn off the power if it wanted to. The alert came eight months after leaked documents revealed that federal authorities had found evidence of foreign hackers breaching computer networks in U.S. power companies, including the operator of the Wolf Creek nuclear plant in Kansas.
It’s rare for the U.S. government to be so blunt about a foreign adversary’s cyber spying… aka digital espionage. After the alert, Energy Secretary Rick Perry warned members of a House Appropriations subcommittee that he’s “not confident” the federal government has an adequate strategy in place to address the “hundreds of thousands” of cybersecurity attacks directed at the U.S. every day. Sen. Maria Cantwell of Washington state, the top Democrat on the Energy and Natural Resources Committee, said the alert followed a long series of unanswered warnings about the danger that hackers could trigger economically devastating blackouts.
According to Jon Wellinghoff, a former chairman of the Federal Energy Regulatory Commission who now runs his own energy policy consultancy, the hackers seemed to be gathering intelligence “that could provide them with information in the future to do something if they wanted to.” Essentially, they were setting the stage to potentially turn off the power, cyber experts said. Cyber attacks are our biggest security threat. The sanctions and accusations leveled at Russia are the first step in fighting back against this type of warfare.
Rachel Dolezal, Former NAACP Leader, Charged With Welfare Fraud
Rachel Dolezal, a former NAACP leader, is back in the news. This time for welfare fraud. Previously it was for...
Obama: Netflix Will Train the Next Generation of Leaders… Heal Our Political Divide
Former president Barack Obama and former first lady Michelle Obama have just inked a multi-million dollar deal with Netflix. Obama...
Armed Citizen Kills Gunman At Oklahoma City Restaurant
In Oklahoma City a man walked into Louie’s On The Lake restaurant and opened fire with a handgun, wounding a...
President Trump Cancels North Korean Summit In Singapore
President Trump has officially pulled out of the North Korean summit in Singapore with Kim Jong-Un. He scolded the North...
Trump: Won’t stand for National Anthem? Maybe you shouldn’t be in the country.
President Trump was very pleased with the NFL’s decision to impose a ban on kneeling during the playing of the...
CNN Interviews Man Who Won’t Move Out Of Parents’ Home And It’s Cringeworthy
An unemployed 30 year-old man has been in the news after his parents sued him and tried to evict him...
FBI Agents Want Congress To Issue Them Subpoenas So They Can Expose Comey and McCabe
The Daily Caller is reporting that several FBI agents want Congress to subpoena them so they can testify against the...
ICE Director Slams Dem: Don’t Call Us Anti-Immigrant For Enforcing Your Laws
The acting director of ICE (Immigration and Customs Enforcement), Thomas Homan, slammed Democratic California Rep. Nanette Barragan for disparaging the...
Tomi Lahren Gets Drink Thrown On Her And Is Verbally Assaulted
Fox News commentator Tomi Lahren, 25, had a drink thrown on her by a woman while she was having brunch...
Boy Scout World Jamboree Says Condoms Will Be ‘Readily And Easily Accessible’ For Event
Leadership of the Boy Scouts has mandated that condoms be “readily and easily accessible” for next year’s 24th World Scout...
- This Picture Of Nikki Haley At The UN Says It All: Just Walk Away on
- Palin: McCain VP Regret Remarks Are A ‘Perpetual Gut-Punch’ on
- McCain Says He Regrets Picking Sarah Palin As Running Mate, Doesn’t Want Trump At Funeral on
- Antifa Hangs Trump In Effigy, Calls For ‘Revolutionary Violence’ on
- Hogg And Kasky: The NRA Is Scared, Calls Trump A Professional Liar on