US mal­ware men­aces Rus­sian power grid

The Fresno Bee (Sunday) - - News - BY DAVID E. SANGER AND NI­COLE PERLROTH

The United States is step­ping up digital in­cur­sions into Rus­sia’s elec­tric power grid in a warn­ing to Pres­i­dent Vladimir Putin and a demon­stra­tion of how the Trump ad­min­is­tra­tion is us­ing new au­thor­i­ties to de­ploy cy­ber­tools more ag­gres­sively, cur­rent and for­mer government of­fi­cials said.

In in­ter­views over the past three months, the of­fi­cials de­scribed the pre­vi­ously un­re­ported de­ploy­ment of U.S. com­puter code in­side Rus­sia’s grid and other tar­gets as a clas­si­fied com­pan­ion to more pub­licly dis­cussed ac­tion di­rected at Moscow’s dis­in­for­ma­tion and hack­ing units around the 2018 midterm elec­tions.

Ad­vo­cates of the more ag­gres­sive strat­egy said it was long over­due, af­ter years of public warn­ings from the Depart­ment of Home­land Se­cu­rity and the FBI that Rus­sia has in­serted mal­ware that could sab­o­tage U.S. power plants, oil and gas pipe­lines, or wa­ter sup­plies in any fu­ture con­flict with the United States. But it also car­ries sig­nif­i­cant risk of es­ca­lat­ing the daily digital Cold War be­tween Wash­ing­ton and Moscow.

The ad­min­is­tra­tion de­clined to de­scribe spe­cific ac­tions it was tak­ing un­der the new au­thor­i­ties, which were granted sep­a­rately by the White House and Congress last year to U.S. Cy­ber Com­mand, the arm of the Pen­tagon that runs the mil­i­tary’s of­fen­sive and de­fen­sive op­er­a­tions in the on­line world.

But in a public ap­pear­ance Tues­day, Pres­i­dent Don­ald Trump’s na­tional se­cu­rity ad­viser, John R. Bolton, said the United States was now tak­ing a broader view of po­ten­tial digital tar­gets as part of an effort “to say to Rus­sia, or any­body else that’s en­gaged in cy­ber­op­er­a­tions against us, ‘You will pay a price.’ ”

Power grids have been a low-in­ten­sity bat­tle­ground for years.

Since at least 2012, cur­rent and for­mer of­fi­cials say, the United States has put re­con­nais­sance probes into the con­trol sys­tems of the Rus­sian elec­tric grid.

But now the U.S. strat­egy has shifted more to­ward of­fense, of­fi­cials say, with the place­ment of po­ten­tially crip­pling mal­ware in­side the Rus­sian sys­tem at a depth and with an ag­gres­sive­ness that had never been tried be­fore. It is in­tended partly as a warn­ing and partly to be poised to con­duct cy­ber­strikes if a ma­jor con­flict broke out be­tween Wash­ing­ton and Moscow.

The com­man­der of U.S. Cy­ber Com­mand, Gen. Paul M. Naka­sone, has been out­spo­ken about the need to “de­fend for­ward” deep in an ad­ver­sary’s net­works to demon­strate that the United States will re­spond to the bar­rage of on­line at­tacks aimed at it. “They don’t fear us,” he told the Se­nate a year ago dur­ing his con­fir­ma­tion hear­ings.

But find­ing ways to cal­i­brate those re­sponses so that they de­ter at­tacks with­out in­cit­ing a dan­ger­ous es­ca­la­tion has been the source of con­stant de­bate.

Trump is­sued new au­thor­i­ties to Cy­ber Com­mand last sum­mer, in a still-clas­si­fied doc­u­ment known as Na­tional Se­cu­rity Pres­i­den­tial Me­moranda 13, giv­ing Naka­sone far more lee­way to con­duct of­fen­sive on­line op­er­a­tions with­out re­ceiv­ing pres­i­den­tial ap­proval.

But the ac­tion in­side the Rus­sian elec­tric grid ap­pears to have been con­ducted un­der lit­tle-no­ticed new le­gal au­thor­i­ties, slipped into the mil­i­tary au­tho­riza­tion bill passed by Congress last sum­mer. The mea­sure ap­proved the rou­tine con­duct of “clan­des­tine mil­i­tary ac­tiv­ity” in cy­berspace, to “de­ter, safe­guard or de­fend against at­tacks or ma­li­cious cy­ber­ac­tiv­i­ties against the United States.”

Un­der the law, those ac­tions can now be au­tho­rized by the de­fense sec­re­tary with­out spe­cial pres­i­den­tial ap­proval.

The crit­i­cal ques­tion – im­pos­si­ble to know with­out ac­cess to the clas­si­fied de­tails of the op­er­a­tion – is how deep into the Rus­sian grid the United States has bored. Only then will it be clear whether it would be pos­si­ble to plunge Rus­sia into dark­ness or crip­ple its mil­i­tary – a ques­tion that may not be an­swer­able un­til the code is ac­ti­vated.

Two ad­min­is­tra­tion of­fi­cials said they be­lieved Trump had not been briefed in any de­tail about the steps to place “im­plants” – soft­ware code that can be used for sur­veil­lance or at­tack – in­side the Rus­sian grid. Pen­tagon and in­tel­li­gence of­fi­cials de­scribed broad hes­i­ta­tion to go into de­tail with Trump about op­er­a­tions against Rus­sia for con­cern over his re­ac­tion.


A power plant in No­rilsk, Rus­sia, Nov. 7, 2017.

Newspapers in English

Newspapers from USA

© PressReader. All rights reserved.