This is not a drill. Nor, alas, is it the fever dream of a Cold War hack novelist, as much as it sounds like one. In 2017, Russian hackers gained control of the U.S. power grid to the point where they could cause blackouts. And the U.S. government doesn’t know if they’re still able to do it. Worse yet, there’s reason to believe this is part of an attack on the 2018 election — one that could make Russia’s pivotal 2016 shenanigans (its fake news machine, DNC email hacking, voter registration hacking and Facebook meme-making) look like child’s play. We learned about a Russian attack on American infrastructure when the FBI and the Department of Homeland Security released a report in March, but we didn’t know how bad it was until a DHS briefing on Monday. Hundreds of utility companies had fallen victim to the hackers; there may be many more out there that have been hacked and don’t know it. Energetic Bear managed to get into the control rooms of power stations, even into supposedly secure “air-gapped” networks, via vendors. “They got to the point where they could have thrown switches” and blacked out portions of the U.S., one DHS analyst told the Wall Street Journal.
Not bad for what the FBI report described as a scouting mission. The hackers, part of a Russian group called Energetic Bear (seriously) were simply figuring out how U.S. power plants work, and how they report data.
Could Energetic Bear still do that? Have the Russians found their way around minimal belated cybersecurity fixes? The DHS admitted it doesn’t know, and the point of the briefing was to sound the alarm as loud as possible.
There’s a lot of that going on at the lower levels of the U.S. government right now — even as the man at the apex of the federal pyramid continues to downplay, deny, or dispute evidence of Russian hacking.