U.S. Security Officials Uncertain Of How To Address Infrastructure Vulnerabilities
AILSA CHANG, HOST:
Yesterday President Trump congratulated Russian President Vladimir Putin on his re-election. Their conversation came just days after the Trump administration revealed that Russia had successfully hacked into the U.S. power grid. As NPR's Brian Naylor reports, the attacks pointed to the continued vulnerability of America's infrastructure and the uncertainty of U.S. officials over what to do about it.
BRIAN NAYLOR, BYLINE: The Department of Homeland Security and the FBI say that what they label Russian government cyber actors have been targeting U.S. critical infrastructure sectors, including energy, nuclear and commercial facilities, since at least March 2016. James Lewis, a cybersecurity expert at the Center for Strategic and International Studies, says the news does not exactly come as a surprise.
JAMES LEWIS: The Russians have been doing this for years, though. And so the change is that the U.S. government came out and said the Russians hacked the utilities.
NAYLOR: The government informed electric companies last summer that Russia undertook what DHS calls a multi-stage intrusion campaign against the utilities using common hacking techniques such as malware and spear phishing. They were able to gain access to at least one power plant's control system. Joel Brenner, former head of counterintelligence in the Obama administration, says it's a serious threat.
JOEL BRENNER: They were not simply looking around that system and reconnoitering it. They were placing the tools that they would have had to place in order to turn off the power. That's a serious vulnerability for us. And we are not anywhere near ready to deal with it.
NAYLOR: The Russians have also targeted other countries' electrical grids, most notably Ukraine in 2015, disrupting power for some 200,000 people. Scott Aaronson at the Edison Electric Institute, which represents the nation's electric companies, says U.S. power companies have tried to learn from that attack. He says we shouldn't be too worried in this country.
SCOTT AARONSON: You know, you don't know what you don't know. And so a big part of our protection - protective measures is to not just respond to incidents or to threats when we get intelligence about them but to also have backup capabilities.
NAYLOR: That includes operating power plants without digital controls just like in the old days. Some power companies also block emails and other Internet traffic from outside the country. But it's complicated by the decentralized nature of the grid with public utilities commissions in 50 states exercising some control. Critics of the Trump administration say the government needs to take stronger steps to block Russian cyberattacks. At a hearing yesterday, Democratic Senator Maria Cantwell of Washington called last week's DHS alert a siren.
(SOUNDBITE OF ARCHIVED RECORDING)
MARIA CANTWELL: Our energy infrastructure is under attack. It's under cyberattack. And we need to do much more to protect it as a national critical asset.
NAYLOR: Cantwell wants the Trump administration to do an assessment of Russian cyberattacks against the electric grid. But any retaliation would be up to President Trump. And former counterintelligence chief Brenner says the president has given no indication he's willing to act against Russia.
BRENNER: The president has not so far shown any inclination or any backbone in confronting repeated Russian provocations. And one can only ask why that is.
NAYLOR: James Lewis at CSIS says absent a strong U.S. response to the Russian cyber incursions, Russia is likely to continue its behavior.
LEWIS: The problem here is if we don't give the Russians the idea that doing something to us is bad, they may be tempted to do it.
NAYLOR: And while sanctions may be a deterrent to further intrusions, they also may not be enough. Brian Naylor, NPR News, Washington.
(SOUNDBITE OF APOLLO BROWN'S "HEIRLOOM") Transcript provided by NPR, Copyright NPR.