NEWS ANALYSIS: Insecure power grid leaves US vulnerable to Russian cyberthreats
U.S. and Russian government have been trading threats to power grids.
-- While the U.S. and Russian presidents were amicably chatting in Hamburg, Germany, last week, their governments have been sending less friendly signals about power grids.
The Washington Post reported in June that President Obama issued orders to prepare options for an attack on the Russian electric grid in response to Russian manipulation of the U.S. presidential election, but it is unlikely that the Russian government learned about that order by reading media accounts about it last month. It is far more probable that Moscow knew about the options presented to Obama months ago.
The U.S. may have wanted it that way. It may have been signaling to Putin that we could also launch cyberattacks. Now Russia may have responded in kind, hacking into U.S. nuclear power plants and other aspects of the country’s electrical grids. The Department of Homeland Security and the FBI jointly warned power companies last month of a series of (likely Russian) hacks that began in May, according to reports in The New York Times.
U.S. government officials and company operators have since provided assurances that the hacking did not reach the controls of U.S. nuclear plants or the power transmission grid. Hackers targeted or penetrated only administrative systems, they said. Another way of saying that, of course, is that the power companies had not found any indications that the hackers jumped from the internet-connected administrative networks to the control systems. Sophisticated hackers, however, routinely sweep up their footprints and hide on networks in places where it is extremely difficult to find them, unless they want to be found.
All of which raises the question of whether Russian hackers wanted to be discovered rummaging around in U.S. nuclear plants and power grids. Given the sophistication of Russian government cyberteams and their proven ability to be very stealthy, it is a logical conclusion that they were intentionally being noisy to remind Washington of the cybervulnerability of our power grids. They were saying the equivalent of "Obama asked you to get ready to mess with our grid? Well, be careful, because we can do that too."
That message should be considered seriously. As long as U.S. networks managing critical systems are insecure, no U.S. president can consider launching a cyberattack on a nation like Russia without risking far greater retaliation. Checkmate.
Richard Clarke served as special adviser to the president for cybersecurity in the George W. Bush administration and coauthored the book “Cyber War.” He is now an ABC News consultant.