Want to read Slashdot from your mobile device? Point it at m.slashdot.org and keep reading!

 



Forgot your password?
typodupeerror
×
Power Government Security United States

America Planted Malware In Russia's Power Grid, Says NYT (cnet.com) 190

"The U.S. military's Cyber Command has gotten more aggressive than ever against Russia in the past year, placing 'potentially crippling malware' in systems that control the country's electrical grid," according to CNET, citing a report in the New York Times: Made possible by little-noticed legal authority granted last summer by Congress, Cyber Command's strategy shift from a defensive to offensive posture is meant in part as a warning shot, but it's also designed to enable paralysing cyberattacks in the event of a conflict, The New York Times said Saturday, quoting unnamed officials... [T]he recent moves appear to have taken place under a military authorization bill Congress passed in 2018 that gives the go-ahead for "clandestine military activity" in cyberspace to "deter, safeguard or defend against attacks or malicious cyberactivities against the United States...."

The Times said Cyber Command is concerned Russia could trigger selective power outages in key states during the 2020 election and that it needs a way to discourage such attacks. But the agency and the U.S. have to consider their moves carefully in this international game of cyberchess. "The question now is whether placing the equivalent of land mines in a foreign power network is the right way to deter Russia," the Times report says. "While it parallels Cold War nuclear strategy, it also enshrines power grids as a legitimate target...."

In related news, Bloomberg reported Friday that a Russia-linked hacking group that shut down an oil and gas facility in Saudi Arabia in 2017 has been probing utilities in the U.S. since late last year.

This discussion has been archived. No new comments can be posted.

America Planted Malware In Russia's Power Grid, Says NYT

Comments Filter:
  • by Anonymous Coward

    Are other news sources with better reputations reporting on this alleged incident?

    After the handling of the nonsensical and debunked ''Russia narrative'' junk, a lot of people are now highly sceptical of claims made by various American mainstream media outlets.

    • Re: (Score:2, Insightful)

      by Anonymous Coward

      I mean, even pre-Trump the media was absolute trash and you already should've been 'highly skeptical' of anything they said.

      Early/mid 2016 they shifted into a whole new gear of terrible, but residual credibility meant you were still sort-of forced to pay attention to them.

      Post-Mueller they deserve nothing more than to be completely ignored.

    • Are other news sources with better reputations reporting on this alleged incident?

      After the handling of the nonsensical and debunked ''Russia narrative'' junk, a lot of people are now highly sceptical of claims made by various American mainstream media outlets.

      This is the scariest thing about the Trump presidency. Via Twitter he sows distrust and animosity towards pillars of democracy, such as the free press and critical journalism. Instead he demands that people believe him - the know-it-all genius who can see through everything. It's almost like how a sect operates. Trump is the Guru and his followers are almost fanatical and will believe everything he says over what his opponents, the media, or even common sense demands. It's scary.

      • by Anonymous Coward

        What you don't seem to realize is that this has absolutely nothing to do with what Trump says or tweets. It even has nothing to do with our political leanings.

        All we're doing is looking at what the media told us in the past versus what ends up eventually happening. We see discrepancies.

        We saw it with the ''Russia'' narrative. We saw it with the BLM, Trayvon Martin, and Michael Brown narratives. We saw it with the downplaying, or worse, the attempted ''legitimization'' of illegal aliens invading the southern

      • Re: (Score:2, Flamebait)

        by dcw3 ( 649211 )

        CNN, Fox, MSNBC, are all hardly pillars of democracy, and nearly daily sewing seeds of discord and partisanship in favor of getting more eyeballs/profit. And, I'm in no way disagreeing w/you about Trump.

      • Um, exactly what pillars of democracy do you mean? I was a reserve police officer years back and worked numerous things (like car wrecks - it was a rural area, they made the news) and never ONCE did I see anything remotely resembling what I saw with my own eyes reported.
    • New York Times didn't ever say that Trump was a Russian asset.

      Wait for the incoming links....

      1) Op-Eds are not the New York Times.

      2) Articles reporting on the existence of, and explaining what Buzzfeed leaked (the Steele Dossier), is valid news and necessary to inform what's happening.

      3) Articles that show information about the Trump organization interacting with Russian agents are true, as proven by Mueller, even without any actual coordination taking place. Investigating facts are exactly their job.

      4) An

  • Nothing new (Score:4, Insightful)

    by DanDD ( 1857066 ) on Sunday June 16, 2019 @12:43PM (#58772030)

    This is nothing new and has been going on for decades [telegraph.co.uk]

    The real story is how and who leaked this to the NYT.

    • That particular story is a canard.

      • by rtb61 ( 674572 )

        This story was a threat sent by the US government to the Russian government, not to release the information the Russian government gained in South America of criminal US espionage operations in South America. When that fuckwit Bolton was busy trying to hack Venezuela and did not bother to secure operations in his typical corrupt incompetent way, a empty headed bullshittter.

        So the US government is threatening the Russian government to try to prevent the Russia government from releasing evidence about US cri

    • Re: (Score:2, Informative)

      by quonset ( 4839537 )

      No, what is new is the con artist wasn't informed this was happening so he couldn't warn his Russian friends. Like the time he divulged classified information to the Russian ambassador [nytimes.com].

    • Re:Nothing new (Score:5, Informative)

      by fahrbot-bot ( 874524 ) on Sunday June 16, 2019 @01:05PM (#58772130)

      This is nothing new and has been going on for decades [telegraph.co.uk]

      The real story is how and who leaked this to the NYT.

      Probably some guy [wikipedia.org] -- like John Barron, John Miller, Carolin Gallego or David Dennison -- who just can't keep his mouth shut.

      "The US has the BEST malware folks! So many malwares... only the best. Trust me. But we didn't tell the Russian about this, 'cause NO COLLUSION. They were totally in the dark, like Argentina is in the Southest of Africa."

      So (from TFA) of course they didn't tell Trump. :-)

      • "The US has the BEST malware folks! So many malwares... only the best. Trust me. But we didn't tell the Russian about this, 'cause NO COLLUSION. They were totally in the dark, like Argentina is in the Southest of Africa."

        Alas, not. They might have targeted Russia but now actually Argentina and Uruguay are out of power.
        Somebody must have used the wrong IP address even though they 'have the best people'.

    • by AmiMoJo ( 196126 )

      Maybe time to start de-escalating the cyber cold war though. America is running on Cisco and Microsoft products, and the threat is highly asymmetrical.

  • by Anonymous Coward on Sunday June 16, 2019 @12:46PM (#58772036)

    Good Luck to them.
    It is the same idiotism as Y2K fear of nuclear power stations meltdown. They have no computers to break in. They have no computer clocks or Intel based processors to break in.

  • So we're back to the Cold War strategy of Mutually Assured Destruction [wikipedia.org], eh?

    • So we're back to the Cold War strategy of Mutually Assured Destruction [wikipedia.org], eh?

      And? ... It seemed to work well last time.

  • Made possible by little-noticed legal authority granted last summer by Congress

    Those computers are in Russia, Congress does not have jurisdiction over computers outside of the USA (regardless of what they believe). If the USA military have done this then it is an act of war. Just think what Trump would be saying if Russia or China had done the same to computers in the USA.

    What the USA has done is nothing sort of outrageous and makes the whole world less safe. All USA citizens should be ashamed of their gove

    • by quonset ( 4839537 ) on Sunday June 16, 2019 @01:03PM (#58772122)

      Those computers are in Russia, Congress does not have jurisdiction over computers outside of the USA (regardless of what they believe). If the USA military have done this then it is an act of war.

      So this is the same thing when Russia repeatedly goes after Ukraine's power sources and elections, right? It's an act of war.

      Just think what Trump would be saying if Russia or China had done the same to computers in the USA.

      The con artist has ignored both Russia (particularly Russia) and China going after our computers.

      What the USA has done is nothing sort of outrageous and makes the whole world less safe.

      As opposed to Russia continually attacking its neighbors, stealing their land, and fomenting terrorist operations in other people's countries?

      All USA citizens should be ashamed of their government.

      We are. We have to put up with the con artist's whining every day.

    • You are wrong! This is authorized by American [wikipedia.org] Exceptionalism [wikipedia.org].

    • by AHuxley ( 892839 )
      Re "If the USA military have done this then it is an act of war."
      Its not the US mil so its not an act of war.
      Its like using the CIA globally for decades. No uniform, no war.
      • by dcw3 ( 649211 )

        Since when is Cyber Command not part of the US military?
        https://en.wikipedia.org/wiki/... [wikipedia.org]

        • by AHuxley ( 892839 )
          The mapping, discovery of every network in Russian can be a task for "Cyber Command". That would fall under defensive mil actions.
          The task to actually alter the power grid later may not be "Cyber Command" and the US mil when finally done.
          That is what make makes the actions of the CIA so seperate from the mil structures like "Cyber Command".
          The CIA can do anything to wants globally once approved as its not the US mil.
          That keeps a nice legal separation between the role of the US gov/mil/lawyers/CIA.
          Gove
  • I can't find a distinct line in this mess. On one hand, it makes perfect sense for the US to do this since Russia is not only getting more aggressive, but is also an "enemy" since long ago, and has tried to disrupt and destabilize the US along multiple vectors. It is only natural to return the favor and show that the US shouldn't be trifled with. According to this thinking, the NY Times really shouldn't have outed their plan (morally; I'm not interested in the legal aspects at the moment).

    On the other hand,

    • If that was a request for background information, then the best single source I can recommend is Richard Clarke's book about cyber warfare. It's a couple of years old, but he covers many aspects of the topic quite comprehensively. Most significant area he doesn't get to is the psychological interface to the wetware. In other words, he doesn't say much about the kind of advanced profiling of humans that supported the psychological warfare that worked so well to help put #Brokeahonas in the White House.

      To sum

    • Re:Grey zone (Score:5, Insightful)

      by Actually, I do RTFA ( 1058596 ) on Sunday June 16, 2019 @03:54PM (#58772842)

      You're assuming that publicizing the plan wasn't intentional. It's kinda like Dr. Strangelove, if you're going to be practicing deterrence, why they hell would you keep it a secret?

      the US probably shouldn't bitch and moan about Russian interference if they are playing the same game.

      Well, one, this is a reaction. There were tons of reports of Russia doing similar attacks to US power infrastructure in the past few years. And they overtly did so to Ukraine. Being able to retaliate in kind (and have that ability known) is important. And second, you can both build a weapon and bemoan it's existence. I mean, look at nukes. I think most people, and the US in particular, would be very happy with a magic wand that made nukes no longer function. But just because you wish it didn't exist doesn't mean you don't develop it. And just because you develop it doesn't mean you try to make sure it's use is beyond the pale.

  • shitty country that does the same thing and supports organized criminals stealing money from westerners

  • standard stuff (Score:5, Interesting)

    by hdyoung ( 5182939 ) on Sunday June 16, 2019 @01:00PM (#58772108)
    Read spy history. This stuff is standard. Maaaaybe it's a response to Russia's well-documented efforts to help Trump, but I seriously doubt it. The Russians have been trying to meddle in our elections for a really long time. The only reason they got so much traction with Trump is that the race was so frikkin close.

    We constantly do this stuff to the Russians, the Russians constantly do this stuff to us, and now China is getting into the game. Make some popcorn and buckle up, buckaroos. The next few decades are gonna be interesting.
    • by e3m4n ( 947977 )

      more like irritating. What I dont get is every libtard I know keeps insisting trump is a puppet for putin, and yet now they are running around sharing this link as if its some sort of damning evidence against trump. The NYT is going on about trumps greed for power, yadda yadda yadda. I have never understood someone's ability to insist that black is black, and in the very next sentence ridicule you for not understanding that black is white.

      • Because thankfully Trump is not the entirety of the U.S. Government. You know he can try to do one thing while other people do something else. In fact if there's one thing the Muller report tried to show it was that the only thing that stopped Trump actually colluding was a mix of incompetence and disobedience.

      • by dcw3 ( 649211 )

        Because it's not about the logic with them. It's all about winning, and the ends justify the means.

        • Because it's not about the logic with them. It's all about winning, and the ends justify the means.

          One could replace "them" with Trump, and be accurate, also. It's a human thing. File a bug report.

      • Comment removed based on user account deletion
        • by e3m4n ( 947977 )

          Most of the ones that I happened to know that work for my state government. They spend all day parroting NPR. So on the weekends I get to hear all about how Trump is nothing but a puppet for Putin and blah blah blah. Anytime they read any headline about “this administration“ and it’s even remotely negative they run out with a banner flying. They don’t care about consistency all they care about is something negative so they can go “see I told you“

          • You are describing the same techniques and effects caused by certain organizations during the Obama administration, just in reverse.

            It's deja vu all over again.

    • by dcw3 ( 649211 )

      "We constantly do this stuff to the Russians"

      Um, when was the last time that the winner of the Russian election even had a close call? If we're doing it to them, we're pretty fucking bad at it.

  • Why not? It's not like any country trusts us anymore anyway. Now the sky's the limit!
  • NYT is fake news (Score:1, Insightful)

    by melted ( 227442 )

    Article mentions no concrete sources and contains no other corroboration. I give it a 99.999% chance that it was just made up to drive clicks and shit on Trump.

  • Even if it doesn't exist.

    If it were real, it would probably be found too easily. But, if they BELIEVE it exists, they will search endlessly for it.

  • The government has no obligation to ensure that YOU, the individual, have power, food, shelter or safety.

    • Comment removed based on user account deletion
    • Here in California, the power company has resolved to shut off their power for up to 3 days at a time about 15 times this summer in order to reduce the chances of their being sued for fires. The plus side is this makes us invulnerable to retaliatory Russian hacking... you can't shut off power that's already off!

  • Comment removed based on user account deletion
  • Anyone else wonder if this exact thing is what just happend in Argentina [bloomberg.com]? Cutting off power then restoring key areas before others on Election Day is a pretty good strategy to steal an election.
    • Anyone else wonder if this exact thing is what just happend in Argentina? Cutting off power then restoring key areas before others on Election Day is a pretty good strategy to steal an election.

      Maybe. It'd be a pretty broad weapon, though, and possibly ineffective.
      "
      The blackout delayed voting Sunday in gubernatorial elections in Argentina’s provinces of Santa Fe, Formosa, and San Luis. Voters marked ballots by candlelight or using their mobile phones as flashlights amid an “emergency protocol,” newspaper Clarin reported.
      "

  • by BlueCoder ( 223005 ) on Sunday June 16, 2019 @02:39PM (#58772540)

    The US has been ignoring computer security for over 20 years. We have appointed multiple experts to leaders of cyber for all those years. Each and every time they have resigned because of federal and state bureaucracy, politics and money got in the way. While I think any sitting president does indeed have the power to shut down any state facility; states will fight it tooth and nail for lack of money and simply point fingers at the federal government rather than fixing their problems. I wouldn't be surprised if there wasn't some collusion at this point to have a friendly player attack the US in a limited manor just to get the political ball rolling.

    Internet access to industrial control systems is limited. I suspect all of them have already been fixed and or honeypotted. It's the internet access being installed for the purposes of telemetry which is scary. (Companies save money by not needing to send someone out to read meters.) There are literally millions of sub stations and black boxes all over the united states in unsecured locations. Just think about all the telecom boxes alone. Very little of it has any security and what exists is protected by a low paid security guard that will more than likely open the door to a person wearing the right uniform and a fake work order. More than likely it's a box on the side of a building or a pole with a padlock. Installing cell modules for internet access is usually a little too invasive and detectable and in rural areas just not ubiquitous but now companies are installing telemetry which means they have their own internet connection already. Now all one needs to do is just install a small microcontroller of their own about the size of a 50 cent coin. Easily concealed unless someone knows exactly what should be in each and every box. These boxes have serial ports with no security 99.9% of the time. A player with real resources could replace the entire box with an identical looking box. These boxes are often ten or more years old. One could theoretically only need to replace a couple chips.

    Understand now that this is not hacking from someone at a keyboard. This is almost the equivalent of placing bombs and most of the time it doesn't blow up anything up, it simply turns off or shorts out equipment that then needs to be replaced. You won't even be able to visually tell that something was damaged other than it isn't working. Now once placed the systems can be controlled from the internet. But the effect is the same... a crowd of people banging on a door and ready to hang a politician because their neighborhood sewage line is backed up. Or tech companies getting blackmailed into payoffs, public statements, or criticisms they don't agree with or their power goes out and their stock price drops.

    The last one I can imagine someone would do just to leverage the stock market. This is one of the many reasons why many of the big tech companies already provide their own power.

    The Solution is simple but hard. We have to actually start thinking before doing. Stop using duct tape to repair a leaking roofs. Don't expect to solve it all at once but do at least start fixing it one section at a time.

  • We have seen the enemy and it is us [youtube.com].

    If true the men behind this should be hanged as the traitors they are.

  • Its all to easy for a cyber attack to escalate into a real war. Cyber attacks can do do damage and kill people, just like "real weapons". When does a cyber attack become an act of war?

  • by Anonymous Coward

    Good!

  • Great, so I have a feeling they're telling us that we can have power outages in the future.
    If not here, other countries and that can be just as bad.

"The vast majority of successful major crimes against property are perpetrated by individuals abusing positions of trust." -- Lawrence Dalzell

Working...