Russian Malware in Power Grid

So many people have contacted me about a recent Washington Post story involving a Russian cyberattack on America's power grid that I thought I'd provide some context for the issue. I should disclose that people have been eager to reach out to me about this because my thriller Patriarch Run realistically depicts the vulnerability of our grid to cyberattack. You can learn more about our vulnerable grid at my Discussion Guide.

The Washington Post reported that malware associated with the Russian hacking operation Grizzly Steppe was detected at the Vermont utility Burlington Electric. Grizzly Steppe is the name of the recent cyberattack that included stolen emails from the Democratic National Committee, which were later released by WikiLeaks during this year’s presidential campaign. In short, the Russians launched a sophisticated attack targeting government organizations, think tanks, universities, political organizations, corporations, and critical infrastructure entities, including Burlington Electric.

The Washington Post takes pains to point out that:

The computer at Burlington Electric that was hacked was not attached to the grid.

The most important context for us to understand about this incident is that the hacking of our critical infrastructure by foreign actors has become commonplace. According to the Washington Post:

The discovery underscores the vulnerabilities of the nation’s electrical grid...Since at least 2009, U.S. authorities have tracked efforts by China, Russia and other countries to implant malicious software inside computers used by U.S. utilities...In November 2014, for example, federal authorities reported that a Russian malware known as BlackEnergy had been detected in the software controlling electric turbines in the United States.

I reported on this national security threat in 2015. What follows is an excerpt from my 2015 report, highlighting the vulnerability of our critical infrastructure. One might conclude, upon reading what follows, that America is way behind the eight ball on this threat.

The power grid is also vulnerable to a Stuxnet-like event. Stuxnet was a computer worm that attacked the PLCs (Programmable Logic Controllers) of an Iranian nuclear facility in 2007, causing catastrophic failure to the facility's centrifuges. A cyberattack is not a far-fetched scenario. According to the Department of Homeland Security, a similar type of computer virus shut down a power plant for three weeks in 2012 when a technician inserted an infected USB drive into the network.

Leon Panetta, Secretary of Defense from 2011 to 2013, gave a talk on cybersecurity to some business executives in 2012. In describing the potential of a cyberattack, Panetta said, "We know that foreign cyber actors are probing America's critical infrastructure networks. They are targeting the computer control systems that operate chemical, electricity and water plants and those that guide transportation throughout this country. We know of specific instances where intruders have successfully gained access to these control systems. We also know that they are seeking to create advanced tools to attack these systems...They could, for example, derail passenger trains or even more dangerous, derail trains loaded with lethal chemicals. They could contaminate the water supply in major cities or shut down the power grid across large parts of the country....these kinds of attacks...would cause physical destruction and the loss of life."

James Clapper, Director of National Intelligence, told the Senate Intelligence Committee in 2013 that a cyberattack was the biggest threat our country faced. "We judge that there is a remote chance of a major cyberattack against US critical infrastructure systems during the next two years that would result in long-term, wide-scale disruption of services, such as a regional power outage."

Dr. Frankel also testified before the House Homeland Security Committee in May of 2014. His testimony focused on the lack of progress made to protect the United States from an EMP attack since the Commission's 2008 report was published. He also discussed the nation's vulnerability to a cyberattack: "The same result [as an EMP attack] could be achieved by simultaneous cyber-attack...Cyber and EMP threats have the unique capability to precipitate...multiple failures of these...control systems over a widely distributed geographical area, and such simultaneous failures...are likely to signal a wider and more long lasting catastrophe."

The cyber threat is serious enough that the Pentagon announced to the world in 2011 that it would treat computer sabotage perpetrated by another country as an act of war. A military official put it to The Wall Street Journal this way, "If you shut down our power grid, maybe we will put a missile down one of your smokestacks."

Benjamin Dancer

Benjamin is the author of the literary thriller Patriarch Run, the first book in a series that will include Fidelity and The Story of the Boy. He also writes about parenting, education, sustainability and national security.

Benjamin works as an Advisor at a Colorado high school where he has made a career out of mentoring young people as they come of age. His work with adolescents has informed his stories, which are typically themed around fatherhood and coming-of-age.
