Russia Implicated in Ongoing Hack on U.S. Grid

U.S. blames Russia, issues sanctions

Russian President Vladimir Putin
Russian President Vladimir Putin / Getty Images
March 15, 2018

U.S. officials are blaming Russia for a wide-ranging and ongoing hack of the U.S. energy grid and related sectors, according to national security officials who announced a range of new sanctions on the Russian government as a result of the attack and other cyber hacks.

Federal authorities with the FBI and Department of Homeland Security disclosed on Thursday that Russian government-affiliated hackers had been conducting a series of attacks on the U.S. grid system and energy sector, an attack which is ongoing and pressing, according to these officials.

As a result of the hack attack, as well as efforts by Russian hackers to interfere in the 2016 election, the United States has imposed new sanctions on dozens of Russian government officials, entities, and individuals.

U.S. officials announced the new sanctions early Thursday, telling reporters they are the direct result of Russia’s ongoing cyber attacks on critical U.S. systems and other malign activities.

Russia's behavior, "or lack there of, on the world stage is continuing to trouble us," national security officials told reporters on Thursday.

The administration designated five Russian entities and 19 individuals with new sanctions, which come in addition to multiple other actions to counter such activity.

"The administration is confronting and countering malign Russian cyber activity, including their attempted interference in U.S. elections, destructive cyber-attacks, and intrusions targeting critical infrastructure," Treasury Secretary Steven Mnuchin said in a statement. "These targeted sanctions are a part of a broader effort to address the ongoing nefarious attacks emanating from Russia."

The actions cover Russia's interference in the 2016 election, as well as more recent "destructive cyber attacks" including the NotPetya hack, which was the "most destructive and costly" attack in history, according to the Treasury Department.

The latest and ongoing attack on the U.S. grid includes hacks of critical U.S. infrastructure, including "the energy, nuclear, commercial facilities, water, aviation, and critical manufacturing sectors," the administration said.

The Trump administration is becoming increasingly concerned about these hack attacks, as well as rogue Russian operations across Europe, including what appears to be a recent nerve agent attack conducted in the U.K.

FBI and DHS officials further disclosed "a new attempt by Russia to get into our energy grid" and are taking actions to warn critical sectors about this ongoing operation. U.S. officials say the Russian government is directly tied to the attack.

The new sanctions will target prominent Russian officials and entities believed to be behind the recent attack, as well as past efforts to foment unrest in the United States and influence the 2016 election.

"This is just one of a series of ongoing actions we're taking to counter Russian aggression,"according to U.S. officials. "There will be more to come."

Officials said the grid hack is ongoing and poses a pressing threat to critical U.S. infrastructure.

"The threat actors sought information" on network designs and control capabilities related to critical U.S. infrastructure and grid systems, according to these U.S. officials. The cyber actors "are using a multi stage attack campaign."

"The campaign is long term and still ongoing," officials said.

The FBI has notified at least 4,000 targets of similar attacks in the last year alone. Those targeted were deliberately selected by Russia, these officials said.

The response marks "one of the largest government responses to the cyber threat we’'e seen to date," officials said. "Part of the importance of sharing this information is that we can identify potentially other victims."

Rep. Ed Royce (R., Calif.), chair of the House Foreign Affairs Committee, welcomed the new sanctions on Russia.

"Russian cyber actors have been weaponizing information and targeting critical U.S. infrastructure undeterred for years," Royce said in a statement. "As our midterm elections approach, we must send a clear message that attacks on our political process will not be tolerated."

Congress is hoping the United States will continue to take tough action against Russia's hack attacks.

"Today’s action, using authorities provided by Congress, are an important step by the administration. But more must be done," Royce said. "The Foreign Affairs Committee will continue to closely track implementation of the Countering America’s Adversaries Through Sanctions Act and keep pushing to counter Russian aggression."

Update 11:16 a.m.: This post was updated with comment from the administration.

Published under: Cyber Security , Russia