On June 15, The New York Times published an alarming news story that detailed how the U.S. has recently become far more aggressive toward Russia in its online countermeasures as a means of warning President Vladimir Putin that America will not tolerate Moscow’s cyber interference and relentless attempts to hack into our networks.
According to The Times, the United States Cyber Command, under authority granted just last year by the White House and Congress, has placed a potentially crippling bit of malware into the Russian energy system. As of now, the inserted bit of American computer code isn’t active. It’s just sitting there, serving mostly as a warning to the Russians not to try anything — but should hostilities break out between the two countries, the malware could be activated to deliver severe cyber strikes to their grid.
Gen. Paul M. Nakasone, the commander of Cyber Command, says this move is part of the Pentagon’s “defend forward” policy to let our enemies know that we will not stand for the continued onslaught of cyber attacks. But The Times notes that the insertion carries “significant risk of escalating the daily digital cold war between Washington and Moscow.”
Is the risk worth it?
Well, based on President Trump’s Saturday night tweets, you’d have to convince him the story is even true. But it’s worth noting that the U.S. certainly wouldn’t be striking the first cyber blow with this move. In 2014, the Department of Homeland Security warned that Russian hackers had infiltrated and inserted pieces of their own malware into some of our nation’s most vital infrastructure systems.
Two years ago this month, Russian military hackers brought the nation of Ukraine to its knees by inserting mock ransomware called NotPetya into Ukrainian computer networks. The malware wiped out computer data and quickly wormed its way throughout Europe, causing massive amounts of damage and costing billions. Computer screens went blank, ATMs stopped working, airports came to a standstill, even the radiation monitors at Chernobyl shut down. Everything from hospital services to government offices was forced to close.
Just last Friday, Wired.com security specialist Andy Greenberg wrote that analysts at security firms have been tracking a group of sophisticated Russian hackers known as Xenotime who have been scanning dozens of American power grids, searching for weak entry points and vulnerabilities to gain access to computer networks. According to Greenberg, U.S. authorities should be very concerned that the “notoriously aggressive group” has turned its attention to our infrastructure grid.
For most of its existence, the United States has been invulnerable to outside attacks thanks to the oceans to our east and west and two friendly nations to our north and south. But an extended power disruption caused by a disabled energy grid could result in thousands of deaths and a complete collapse of the economy. No water or electricity could mean the rampant spread of unchecked fires, disease and famine. Planes couldn’t fly, ships couldn’t sail, vehicles couldn’t drive. The nation would be crippled. And, what truly concerns us is that neither state nor federal government agencies have in place any sort of a contingency plan to deal with the catastrophic fallout from a protracted energy outage.
So, yes, we believe that any risk incurred by inserting our malware into Russia’s power grid is well worth it — a tit-for-tat, cyber version of mutually assured destruction, if you will.
— Robin Beres