Slashdot is powered by your submissions, so send in your scoop

 



Forgot your password?
typodupeerror
×
Government Security

Russians Who Pose Election Threat Have Hacked Nuclear Plants and Power Grid (nytimes.com) 66

The New York Times reports: Cybersecurity officials watched with growing alarm in September as Russian state hackers started prowling around dozens of American state and local government computer systems just two months before the election. The act itself did not worry them so much — officials anticipated that the Russians who interfered in the 2016 election would be back — but the actor did. The group, known to researchers as "Dragonfly" or "Energetic Bear" for its hackings of the energy sector, was not involved in 2016 election hacking. But it has in the past five years breached the power grid, water treatment facilities and even nuclear power plants, including one in Kansas...

September's intrusions marked the first time that researchers caught the group, a unit of Russia's Federal Security Service, or F.S.B., targeting states and counties. The timing of the attacks so close to the election and the potential for disruption set off concern inside private security firms, law enforcement and intelligence agencies... American officials described the hackings in an advisory on Thursday as "opportunistic," rather than a clear attack on election infrastructure, but conceded the group had targeted dozens of state and local systems and stolen data from at least two targets' servers. "They're broadly looking to scan for vulnerabilities and they're working opportunistically," said Christopher C. Krebs, the director of the Cybersecurity and Infrastructure Security Agency, which issued the warning along with the F.B.I.

That hardly reassured researchers who have tracked Energetic Bear for years. "This appears to be preparatory, to ensure access when they decide they need it," said Adam Meyers, the head of threat intelligence at CrowdStrike, a security firm that has monitored the group... A disturbing screenshot in a 2018 Department of Homeland Security advisory showed the groups' hackers with their fingers on the switches of the computers that controlled the industrial systems at a power plant. The group has thus far stopped short of sabotage, but appears to be preparing for some future attack. The hackings so unnerved officials that starting in 2018, the United States Cyber Command, the arm of the Pentagon that conducts offensive cyberattacks, hit back with retaliatory strikes on the Russian grid.

This discussion has been archived. No new comments can be posted.

Russians Who Pose Election Threat Have Hacked Nuclear Plants and Power Grid

Comments Filter:
  • by nospam007 ( 722110 ) * on Saturday October 24, 2020 @03:39PM (#60644132)

    ...are the lights still on?

    • Re: (Score:2, Interesting)

      So....what is your point?

      We have Russian hackers and propagandists creating havoc in the the USA. They indirectly killed almost 230,000 people in the USA with their social media bullshit and helping to get President Cheetos elected.

      And now they are running around our infrastructure systems. All we need is to have basic services disrupted and we'll have those armed gangs - excuse me, "militias" - taking it upon themselves to "protect law and order". And then there will be other armed gangs with their own *

      • Re: (Score:3, Interesting)

        by Powercntrl ( 458442 )

        They indirectly killed almost 230,000 people in the USA with their social media bullshit and helping to get President Cheetos elected.

        I hate Trump as much as the next guy, but even I can say that’s a bit of a stretch. Let’s imagine we’re in reality B where there was no “buttery males” and Hillary won:

        “President Cheeto” still has his legion of Twitter followers (and has possibly started his own alt-right news network), and they’ve still maintained the position that mask mandates are infringing on mah freedums!. Red state governors tell Hillary to go pound sand, just to spite her.

        The 2018

        • by AmiMoJo ( 196126 )

          If you look at the countries that have done the best with coronavirus one thing stands out; their leaders managed to get broad support for their decisive actions.

          New Zealand is the gold standard for that. Ardern build cross-party support, united behind the science, and acted quickly and decisively. She just won a landslide victory in the election but is seeking to build a coalition anyway - voluntarily distributing power and making sure that everyone is represented. It's an absolute revolution in politics.

          O

      • by MikeMo ( 521697 )
        Please identify the specific actions and/or inactions on the part of President Trump which led to the deaths of each and every one of those 230,000 people.

        I keep hearing these vague claims that it’s all his fault, but no one has been specific. It’s also pretty hard to blame each and every death on him.
        • * Trump told his people to slow the testing down because all the positive cases were hurting his numbers.

          * Trump has set the national tone by mocking people for wearing masks.

          * Trump continues to misinform people on the covid-19 information.

          https://www.usatoday.com/story... [usatoday.com]

          * Trump purposefully downplayed the virus early on

          * Trump could have set up fast responding fed teams similar to wildfire hotshots to snuff out outbreaks

          etc...

          • Yep, President Trump did all of that. Now, to really trigger all the people with Trump Derangement Syndrome, the next thing he will do is get elected for another 4 years in the White House.

          • by dcw3 ( 649211 )

            Yup, I don't like him either, but your itemized list does not account for 230k fatalities. A fractional portion of them possibly, but that's it.

        • by rtb61 ( 674572 )

          How about a publicly declared act of war upon Russia by the USA. The US government declared publicly that it is attacking the power grid of Russia, a publicly declared act of war which forces a response, a war based response.

          This announcement is meant to initiate a confrontation on purpose. Mind you a war based confrontation. I wonder why, possibly because Russia and China are now talking a joint defence alignment, Russia military tech, flowing into China manufacturing capability.

          So what kind of retaliator

      • Can we please stop calling him "President Cheetos" or any variant of. This is a grave insult to the delicious orange snack, Cheetos.

        See I live in China right now because my country is going through the stupidest period of it's existence (with no end in sight) and I assure you, I don't need anymore Trump in my life... but shit man, you made me want some Cheetos. This is a problem -- it sends a mix message and if we don't get things straight, Trump may be re-elected a third time as the Cheetos Supremos with n

    • Re:So... (Score:5, Insightful)

      by jroysdon ( 201893 ) on Saturday October 24, 2020 @04:08PM (#60644198)

      The problem with this mentality is that it ignores that there could be a foothold such that when they want to turn off or damage the US grid, they can do so with a few keystrokes or mouse clicks.

      If one thinks things were bad with the US economy with the 'Rona, just wait until the lights go out in major cities and can't be restored due to damaged transformers or power plants - for years.

    • The the lights are still on because the light switches in most people's houses aren't on the internet. I don't think most functions of power plants should be either. Are they? I don't know. Most small businesses don't have all the functions on the internet. Do dairy farmers have their milking machines on the internet. Do dentist have their x-ray machines controls and drills on the internet? Are lawnmowers on the internet. What we need are facts. Instead, we get scary movie scenarios. Are power plants empty

  • by Snotnose ( 212196 ) on Saturday October 24, 2020 @03:43PM (#60644138)
    I remember on Usenix people, especially on Risks, when learning these large infrastructure doohickies (power plants, dams, chemical plants,refineries etc) were going onto the internet. There was much gnashing of teeth amongst the techies, but the MBAs running the companies all "we can save 0.002% by going online, it will cost 1.003% for security, and those geeks are scaremongers". So all targets connected to the internet, security was a password of "password", and things went well for 20 years.

    Now all the senior decision makers are retired with nice salaries, and all the predictions are coming true.
    • by dj245 ( 732906 )
      This was true 10 years ago. The US power industry had a huge wakeup call during the 2003 blackout, and when Stuxnet was announced. Any large power plant has been following NERC [nerc.net] reliability and cybersecurity standards for many years now (they got in compliance well before the rules became effective).
    • by 4im ( 181450 )

      RISKS is still here, you'll find the digests at http://catless.ncl.ac.uk/Risks/ [ncl.ac.uk].

      They've had a lot of stuff on voting too, and many other areas too.

      The digest was recommended by one of my professors back in the mid-90ies on usenet comp.risks, I still read them via their RSS feed, long after my ISP has shut down its usenet news server.

  • Is this whole Russia thing a self-fulfilling prophecy? For some reason the media seems intent on the American public being terrified. If I were Russian and I saw the constant headlines accusing me of wrongdoing I'd probably feel threatened and then justified.
  • by The Rizz ( 1319 ) on Saturday October 24, 2020 @04:02PM (#60644178)

    Russia is very clearly engaging in acts of aggression against the USA here, and it's putting the lives of our citizens at stake. We can complain and try to get the Russian government to arrest the hackers ... but we all know it's really the Russian government doing it, so there will never be any penalties for it.

    So, how about the USA takes off the kid gloves and declares open season on these pricks? Allow every hacker and script kiddie in the USA to hack into everything and anything in Russia, spread misinformation, tamper with their elections, and be fully shielded from prosecution for doing so? If the Russians can hack us with no repercussions, then why not let us do the same to them? Fair is fair.

    • by 1s44c ( 552956 ) on Saturday October 24, 2020 @04:22PM (#60644212)

      Proxy servers dude.. Nobody can be 100% sure who is attacking what as any attack can come from any IP and any fool can use foreign words in their code. "Everybody knows" means that everybody got their information from the same source, it doesn't mean "true".

    • We did return fire, with sanctions mandated by congress (the Countering America's Adversaries Through Sanctions Act)... which Trump then disparaged, delayed implementing, implemented weakly, and then exploited to hamper a gas pipeline in a fairly transparent maneuver which had nothing to do with stopping election interference but was rather about trying to get European countries to buy American natural gas.

      As for responding in kind: you're assuming that their infrastructure and elections are as vulnerabl
      • a fairly transparent maneuver which had nothing to do with stopping election interference but was rather about trying to get European countries to buy American natural gas.

        Could you explain to me how this is a bad thing?

        Seems to me that it's mutually beneficial to nations in Europe and North America to be strong trade partners rather than see Russia gain economic and political influence over Europe.

        Seeing Germany become more and more reliant on less-than-friendly nations for energy vital to it's economy is not good for Germany, and not good for the USA to see a major ally fall under the influence of Russia and other nations that would be piping in natural gas.

        It's certainly p

        • Well your comment certainly did some wandering around, but to answer your first question: "Could you explain to me how this is a bad thing?"

          Sanctions are a form of attack, they're used to coerce and not in a nice way. Because they're so aggressive, justified use of sanctions always involves a response to some misdeed. Attacking another country without provocation, for the sake of your own gain, is generally frowned upon.

          In this case there was provocation, and so sanctions were justified, but then thos
          • In this case there was provocation, and so sanctions were justified, but then those sanctions were applied against German companies for the sake of American monetary gain.

            For the sake of American monetary gain? Is that the only reason? Perhaps American businesses would benefit but that doesn't appear to be the only, primary, or even something of a minor consideration in this action.

            There's no guarantee that Germany and other nations will buy American natural gas because of this pipeline not being completed. Germany is free to have liquified natural gas shipped in from anywhere to make up for this, and that includes shipping in LNG from Russia.

            The problem was that American

            • What you're suggesting is that the United States is acting to keep the first and second worlds separate. i.e.: We've started a new cold war for some monumentally stupid reason. Nothing that I've seen suggests this, and it's not relevant anyway. The point and the problem is that this is not the purpose of those sanctions, congress directed that they be applied to individuals in Russia who had acted to interfere with our elections.

              Even if a new cold war was a worthy goal, this is not how you would go about
              • Germany and the EU are just as pissed off about this abuse of sanctions as Russia is

                For nations that ave stated publicly their intention to reduce their reliance on fossil fuels it seems odd that they are so upset about a natural gas pipeline deal falling through.

    • by Anonymous Coward

      I always wonder how do they attribute those responsible for the hacking attempts with such accuracy - even naming specific units and persons? How is it done, with all the proxies and VPNs involved? Can NSA et. al really combine and map the TCP connections or streams to uncover the real source of data?
      Are the indicted operatives so stupid as to use fixed broadband IPs when performing their attacks?
      Questions, questions...

    • by AmiMoJo ( 196126 )

      The US is doing the same thing to them, as is the UK. It's a cold war and nobody wants to escalate it to a hot one.

  • Turn off their power plants, or play with the settings at a nuclear power plant to stain their pants a little
  • by Gravis Zero ( 934156 ) on Saturday October 24, 2020 @04:38PM (#60644226)

    It seems very clear that if critical infrastructure not only can but has been compromised that it should be permanently taken offline. If you aren't responsible enough to secure something vital to everyone then you should lose the privilege of connecting it to the internet.

    I'm perfectly aware that two networks exist with regard to industrial plants to isolate them and prevent this kind of hacking and I also know companies take shortcuts that undermine this. If you have been hacked or even made it possible to be hacked then you should be penalized because this is literally a matter national security.

    • It seems very clear that if critical infrastructure not only can but has been compromised

      Because your favorite (and very clearly biased) liberal media news organization told you so? People on /. complain about "Q cultists" and "Trump tards" all the while acting like Democratic party cultists themselves. I know we're growing closer to the election, but it's sad to see how political this site has become. What happened to impartial and moderate viewpoints? Does everyone have to be radicalized these days?

      • It seems very clear that if critical infrastructure not only can but has been compromised

        Because your favorite (and very clearly biased) liberal media news organization told you so?

        Who knew "Cybersecurity officials" worked at a "liberal media news organization"? Also, when did election security become a partisan issue? Why would one party be less interested in ensuring election security?

        acting like Democratic party cultists

        1) I am not an independent voter.
        2) I have always been deeply concerned about security because it's an afterthought in profit-motivated corporations.

        I know we're growing closer to the election, but it's sad to see how political this site has become.

        A compromised power grid is a real threat to national security. What about it makes this political?

        What happened to impartial and moderate viewpoints?

        I can actually tell you what happened: The Fairness [wikipedia.org]

    • Aren't you glad NSA worked with MS to put back doors in their software? "Who could have predicted that it would come back to bite us?
    • It seems very clear that if critical infrastructure not only can but has been compromised that it should be permanently taken offline. If you aren't responsible enough to secure something vital to everyone then you should lose the privilege of connecting it to the internet.

      I'm perfectly aware that two networks exist with regard to industrial plants to isolate them and prevent this kind of hacking and I also know companies take shortcuts that undermine this. If you have been hacked or even made it possible to be hacked then you should be penalized because this is literally a matter national security.

      So is COVID, and yet we refuse to declare that a national emergency or a matter of national security, providing appropriate Federal oversight to create a singular and consistent response to a national threat. Yes, this would require temporarily disabling the concept of States Rights.

      No, that is not insane. Enabling every level of government to legally override every other level of government is the true insanity during a national crisis, and has helped fuel this clusterfuck of an American response. As I'

  • Slight correction (Score:1, Informative)

    by Captivale ( 6182564 )

    when you say:

    "the head of threat intelligence at CrowdStrike, a security firm that has monitored the group."

    you may have accidentally omitted a few slightly important words, such as:

    CrowdStrike, the Democrat-owned, Democrat-sponsored PR firm that doesn't actually do any real internet sercurity, only press releases attacking whoever the DNC's enemies are at the moment, and by total coincidence, are the only ones who have actually seen the Democrat servers that were supposedly hacked by Russia ( despite MSM-ig [theintercept.com]

    • Funny I did not connect that the first time. But Yea ;) The DNC only allowed CrowdStrike to do a post hack security review and no one else not even the FBI.
    • by Shelled ( 81123 )

      And in later testimony under threat of perjury "corrected" the perception they hard hard proof Russians extracted data from the server, backpedalling to "has the hallmark".

    • You hit the nail on the head. Crowdstrike is using the NYT (or vice versa or collaborating with) as alt-programming to distract from the real world what is happening surrounding someone's laptop that was left behind at a repair shop. Which the media has collectively decided to stamp out any mention of anywhere they can using any means they can. Hence this story appears.

      It's so bad that Twitter has resorted to banning the NYPost (and others) and shadowbanning countless others on Twitter for what is rapidly b

  • Between the offshoring of code to India (2 closets friends? Russia and Iran), combined with the Political Correct idiots that run around saying that you can not use a person's background for doing background checks (i.e. if somebody,, or their family, is from Russia, China, Iran, N. Korea, etc, the PC ppl say that you can not use that for security checks; INSANE).
    • by dcw3 ( 649211 )

      Between the offshoring of code to India (2 closets friends? Russia and Iran), combined with the Political Correct idiots that run around saying that you can not use a person's background for doing background checks (i.e. if somebody,, or their family, is from Russia, China, Iran, N. Korea, etc, the PC ppl say that you can not use that for security checks; INSANE).

      Have you ever filled out a federal security background check form (SF-86)? Your parents, siblings, In-laws...you have to provide all their places of birth, along with all of your own foreign contacts.

  • Get real (Score:4, Insightful)

    by onyxruby ( 118189 ) <onyxruby&comcast,net> on Saturday October 24, 2020 @10:30PM (#60645048)

    The Russians were estimated to have bought somewhere in the low six figures for ads for the 2016 election. Those ads were split roughly evenly against both candidates. They were all designed to create discord and divide the country. This is something they have been doing worldwide since the 1950â(TM)s. read the Sword and Shield written years before current affairs for fascinating historical details.

    https://www.sandiegouniontribu... [sandiegouniontribune.com]

    That was a campaign where Hilary alone had a $2 billion budget. Who knows how much dark money was spent helping her. This doesnâ(TM)t even include in-kind contributions from the media. Lord knows how much was done for free by fans. The Russian contribution was orders of magnitude smaller than what was spent just by dark money contributions.

    https://www.intelligence.senat... [senate.gov]

    The real manipulation of the election by far is big tech. Their censorship and manipulation of their platforms is easily worth billions of dollars in in-kind contributions. They have been blatantly stealing the election and manipulating the vote for their political gain. The Russians were accused of buying ads on their platforms. This is nothing compared to the platforms themselves giving away ads and blatantly censorship to favor one candidate.

    https://thehill.com/hilltv/ris... [thehill.com]
    https://thehill.com/opinion/te... [thehill.com]
    https://creativedestructionmed... [creativede...nmedia.com]

    Demand free elections. Demand big tech stop meddling in our elections. Even if you donâ(TM)t like Trump, you may not like their next candidate. Return our elections to the people.

    • probably Google. It's founder, Sergei Brin is Moscow-born.

      I'm personally not freaked out by this, but I continue to be amazed that so many of the Obama/Hillary people who have spent 4+ YEARS screaming RUSSIA! are positively in love with Google. There was a revolving door for employees between Google and the White House during the Obama years. It's also amazing that all that "Russian Collusion" garbage was entirely derived from the "Steele Dossier" which was written by a British spy and his Russian spy frie

    • The real manipulation of the election by far is big tech. [...] They have been blatantly stealing the election and manipulating the vote for their political gain.

      Then maybe we should have some sort of doctrine of fairness to present controversial issues of public importance and to do so in a manner that is honest, equitable, and balanced. [wikipedia.org]. Oh yeah, Republicans said this infringed on free speech, presumably of corporations.

      Demand free elections. Demand big tech stop meddling in our elections. Even if you donâ(TM)t like Trump, you may not like their next candidate. Return our elections to the people.

      I'm with you 100% but that would also require sacrificing blatantly partisan media outlets as well. If you don't think it's related then you are lying to yourself.

      • The challenge is how do you define blatantly partisan media news outlets? Take Breitbart for example, they are certainly partisan, however they own their bias and do not hide it. On the flip side you have places like CNN where the CEO Jeff Zuckerberg micromanages what the anchors say through their earpieces and claims neutrality.
        I think the fairness doctrine should be reviewed for reimplementation and would be a good start. One of the biggest issues that has been driving the divisions within our country is

        • The challenge is how do you define blatantly partisan media news outlets?

          You don't. What you do is set up a way of addressing political matters in media. This is literally what the Fairness Doctrine did.

          Increased user engagement comes from getting people to stay within your ecosystem. How do you get people to say in your ecosystem? Give them more of what you want.

          Actually, what they found was that conflict does a great job of keeping people engaged.

          Meanwhile conservatives have almost completely turned away from the mainstream media since they no longer trust them.

          Fox News is the most watched news channel... [wnd.com] and you are claiming they aren't mainstream?

          The fourth estate has failed and big tech has arguably already become an oligarchy.

          No, companies do what they always do: optimize money flow. What we have is a failure of leadership. Republican politicians loved the death of fair media until social media became a thing and now it's a

          • I've already agreed with you on the Fairness Doctrine.

            I certainly think we need some conflict in users feeds. People need to be routinely exposed to the other side - whatever that is. Arguably we need to ensure that at least a certain portion of someone's feed is from opposing viewpoints to minimize the echo chamber effect.

            No argument that Fox is the most watched new channel. I'm used to dealing with people claiming that Fox is somehow not mainstream. Outside of Fox, conservative do not trust the media, whi

            • The fourth estate has failed and big tech has arguably already become an oligarchy.

              No, companies do what they always do: optimize money flow.

              As for the fourth estate, I think the recent failure of the laptop story has blown that out of the water.

              I don't think so. Here are just a few reasons to not cover the laptop story that have nothing to do with political viewpoints:

              - The laptop story was said to have all the hallmarks of a Russian disinformation campaign. Reporting on it could easily be viewed as being de-legitimizing in the eyes of the viewer and they could take the blame for reporting on it. Lower ratings is bad for business.

              - In the event that it swayed the election, media outlets could face a lot of blowback again and risk people complet

  • .... the nuclearpowerplants to the internet, what could go wrong?". Really.

  • Obviously systems need to be secured. But the narrative that Russian hackers affected any election outcomes is simply false. It's useful, for the losers. But false.
  • Comment removed based on user account deletion

Brain off-line, please wait.

Working...