Russian, TVA
Image credit: Stock

The Trump administration has blamed the Russian government for a campaign of cyber attacks on its power grid stretching back at least two years.

It marks the first time the US has publicly accused Moscow of hacking into American energy infrastructure.

Beginning in March 2016, or possibly earlier, Russian government hackers attacked multiple critical infrastructure sectors, according to a US security alert.

These sectors included energy, nuclear, commercial facilities, water, aviation and manufacturing.

The Department of Homeland Security and the FBI said in the alert that a ‘multi-stage intrusion campaign by Russian government cyber actors’ had targeted the networks of small commercial facilities ‘where they staged malware, conducted spear phishing, and gained remote access into energy sector networks.’

The alert did not name facilities or companies targeted.

The US Treasury Department has decided to impose sanctions on 19 Russian people and five groups, including Moscow’s intelligence services, for meddling in the 2016 US presidential election and other malicious cyber attacks.

Russia in the past has denied it has tried to hack into other countries’ infrastructure, and vowed on Thursday to retaliate for the new sanctions.

The direct condemnation of Moscow represented an escalation in the Trump administration’s attempts to deter Russia’s aggression in cyberspace.

Senior US intelligence officials said in recent weeks the Kremlin believes it can launch hacking operations against the West with impunity.

US security officials have long warned that the United States may be vulnerable to debilitating cyber attacks from hostile adversaries.

It was not clear what impact the attacks had on the firms that were targeted.
But the alert provided a link to an analysis by the US cyber security firm Symantec last October that referred to a group it had dubbed Dragonfly.

The collective had targeted energy companies in the United States and Europe and in some cases broke into the core systems that control the companies’ operations.

Russian threat to UK's National Grid

In the United Kingdom, National Cyber Security Centre officials have also issued advice to the likes of the Sellafield nuclear plant, Whitehall departments and NHS trusts over possible action from Vladimir Putin's government.

This after the Kremlin announced expulsions of British diplomats in response to Theresa May's decision expel 23 Russian embassy staff.

Ciaran Martin, head of the NCSC, warned in January of the risk of a 'category one' Russian cyber attack on the UK, which would involve "disruption of critical systems".

The NCSC's director of operations, Paul Chichester, told the Sunday Times: “It is absolutely right that we give advice to sectors on defending themselves from cyber-attacks.

“We are vigilant to cyber-threats wherever they come from and are ready to defend against them.”