Two Separate But Related Stories
Russia Hacks Two Ukraine Power Grids and a Vermont Power Grid
December 21, 2016 –
Russian hacks into Ukraine power grids a sign of things to come for U.S.?
Russian hacking to influence the election has dominated the news.
But CBS News has also noticed hacking attacks that could be a future means to the U.S.
- Last weekend, parts of the Ukrainian capitol Kiev went dark.
- Last December, a similar attack occurred when nearly a quarter of a million people lost power in the Ivano-Frankivsk region of Ukraine when it was targeted by a suspected Russian attack
Vasyl Pemchuk is the electric control center manager, and he said that when hackers took over their computers, all his workers could do was film it with their cell phones.
The hackers sent emails with infected attachments to power company employees, stealing their login credentials and then taking control of the grid’s systems to cut the circuit breakers at nearly 60 substations.
The suspected motive for the attack is the war in eastern Ukraine, where Russian-backed separatists are fighting against Ukrainian government forces.
Hackers could launch a similar attack in the U.S.
“We can’t just look at the Ukraine attack and go ‘oh we’re safe against that attack,’” said Rob Lee, a former cyberwarfare operations officer in the U.S. military, who investigated the Ukraine attack.
“Even if we just lose a portion, right? If we have New York City or Washington D.C. go down for a day, two days, a week, what does life look like at that point?” he said.
He said that some U.S. electric utilities have weaker security than Ukraine, and the malicious software the hackers used has already been detected in the U.S.
In Ukraine, they restarted the power in just hours. But an attack in the U.S. could leave people without electricity for days, or even weeks, according to experts. Because, ironically, America’s advanced, automated grid would be much harder to fix.
December 31, 2016 –
The “Russia hacked the Vermont power grid” story
Burlington Electric Department found malware on a laptop that is not connected to operation of the grid, Vermont Public Service Commissioner Christopher Recchia said.
“The grid is not in danger,” Recchia said. “The utility flagged it, saw it, notified appropriate parties and isolated that one laptop with that malware on it.”
On Thursday, the FBI and DHS released a joint report on a hacking operation they called ‘Grizzly Steppe’. They claimed the operation was linked to the Russian government, alleging that it had targeted “US persons and institutions, including from US political organizations.”
Along with the report, the US security agencies released a sample of the malware code allegedly used in the Grizzly Steppe operation to compromise US computer networks. The code was also shared with executives from 16 industries around the nation, including the financial, utility, and transportation sectors. On Friday, Burlington Electric, a Vermont-based power company, released a statement saying that the malware code had been detected during a scan of a single company laptop that was not connected to the grid.
This could still turn out to be a case of somebody at the utility clicking on something they shouldn’t have while using the company laptop.
Bottom line is this. Russia is capable of doing this because they have already done it and they will probably continue to try to gain any access they can. We as a Country cannot take this lightly and Donald trump, as a leader, can no longer deny Russia’s involvement.