Skip to content
Politics & Current Affairs

Russian hackers infiltrated hundreds of U.S. electric utilities

Hackers working for Russia have gained access to hundreds of U.S. electric utilities in 2017, according to new reports from federal officials.
Creative Commons/Big Think
Sign up for the Smarter Faster newsletter
A weekly newsletter featuring the biggest ideas from the smartest people


Hackers working for Russia gained access to hundreds of U.S. electric utilities in 2017, according to new reports from federal officials.

The hackers, who worked for a Russian-sponsored group codenamed Dragonfly or Energetic Bear, managed to infiltrate the utility networks undetected, putting themselves in a position to disrupt power flows and potentially cause blackouts, officials with the Department of Homeland Security told the Wall Street Journal.

The department, which has warned of Russia’s threat to U.S. infrastructure since 2014, said the attacks are likely still occurring.

Although the utility networks were “air gapped”—meaning not directly connected to the internet—the hackers managed to infiltrate the networks of vendors who had trusted relationships with the utilities. From there, gaining access to the utilities was a straightforward process.

Inside the utility networks, the hackers were able to harvest other sensitive information: how the networks were configured, what equipment was used, and normal operating procedures.

“They got to the point where they could have thrown switches” and disrupted power flows, said Jonathan Homer, chief of industrial-control-system analysis for DHS.

Alarmingly, the extent of the breaches is unknown because the hackers accessed the utility networks using legitimate employee credentials, which they gathered through conventional tactics like spear-phishing emails and watering-hole attacks, according to the Wall Street Journal.

“They’ve been intruding into our networks and are positioning themselves for a limited or widespread attack,” Michael Carpenter, former deputy assistant secretary of defense, told the newspaper. “They are waging a covert war on the West.”

The motive behind the state-sponsored hacks is still unclear, though the breaches suggest Russia could be in a position to cause damage and blackouts to U.S. infrastructure.

In June, the Justice Department indicted 12 Russian nationalsfor their alleged “sustained effort” to hack Democrats’ emails and computer networks in the 2016 presidential election.


President Donald Trump and Russian President Vladimir Putin arrive for a meeting in Helsinki, on July 16, 2018. (Photo BRENDAN SMIALOWSKI/AFP/Getty Images)

Electric utilities aren’t the only area of U.S. infrastructure on which Russia seems to have a strategic eye. Earlier this year, reports broke of Russian submarines lurking near the underwater cables that power the internet in the Atlantic Ocean.

In conducting the underwater operations, Russians were “doing their homework and, in the event of a crisis or conflict with them, they might do rotten things to us,” Michael Kofman, a Russian military expert at nonprofit research group CNA Corp., told the Associated Press.

Sign up for the Smarter Faster newsletter
A weekly newsletter featuring the biggest ideas from the smartest people

Related
The former Chairman of the Joint Chiefs of Staff, Admiral Mike Mullen, characterized “cyber” as an “existential threat to the United States of America” in a recent issue of Fortune […]

Up Next