17 March 2018 | Matthew Daly | AP via FifthDomain
WASHINGTON — A Russian government hacking operation aimed at the U.S. power grid did not compromise operations at any of the nation’s power plants, federal regulators and the industry said Friday.
Corporate networks at some of the 99 nuclear power plants licensed by the Nuclear Regulatory Commission were affected by the 2017 hack aimed at the energy grid and other infrastructure, but no safety, security or emergency preparedness functions were impacted, the NRC said in a statement.
The Federal Energy Regulatory Commission also said the incident had no operational impacts on interstate transmission of electricity.
Even so, government and industry leaders said the attacks underscored the increased threat of electronic and computer-based attacks on a range of infrastructure.
Energy Secretary Rick Perry said the prolonged cyberattack “demonstrates exactly why” he is creating an Office of Cyber Security and Emergency Response. The new office will consolidate and strengthen efforts to “combat the growing nefarious cyber threats we face,” Perry said, adding that his department worked closely with other federal agencies and energy providers to help ensure that hacking attempts “failed or were stopped.”
The Trump administration accused Moscow on Thursday of an elaborate plot to penetrate America’s electric grid, factories, water supply and even air travel through cyber hacking.
U.S. national security officials said the FBI, Department of Homeland Security and intelligence agencies determined Russian intelligence and others were behind a broad range of cyberattacks starting more than a year ago. Russian hackers infiltrated the networks that run the basic services Americans rely on each day: nuclear power, water and manufacturing plants.
U.S. officials said the hackers chose their targets methodically, obtained access to computer systems, conducted “network reconnaissance” and then attempted to cover their tracks by deleting evidence of the intrusions. The operation resorted to various methods — including a kind of cyberattack known as spear-phishing — to try to compromise legitimate user accounts, gather user credentials, and target industrial control systems and their networks, officials said.
The U.S. government has helped the industries expel the Russians from all systems known to have been penetrated, but additional breaches could be discovered, officials said.
The Nuclear Energy Institute, an industry lobbying group, said the Russian hacking campaign targeting U.S. infrastructure “demonstrated that America’s nuclear plants can withstand a nation-state sponsored attack.”
U.S. nuclear plants are designed as operational “islands” that are not connected to the internet and other networks. Nuclear power provides about 20 percent of the nation’s electricity.
The Edison Electric Institute, which represents investor-owned electric companies that provide electricity for about 220 million Americans, said the government informed energy grid operators last year of a threat targeting energy and critical manufacturing sectors.
“While this incident did not have operational impacts, we have worked across the sector and with government partners to ensure the ongoing protection of the grid from this specific threat and from all cyber and physical security risks,” said Scott Aaronson, the group’s vice president of security and preparedness.
The American Public Power Association, which represents community-owned utilities serving more than 2,000 cities and towns, said the attacks showed the need for continue vigilance.
Trans-Alaska pipeline fights 22 million cyberattacks per day “It can be 6 or 7 million some days and 45 million the next,” Rosetti said. “I wish I could tell you why it changes that way, but I really don’t know.”
“Cyber threats are real, but to date our ongoing efforts have reduced the probability of cyberattacks being successful,” said Nathan Mitchell, the group’s senior director of electric reliability standards and security.
The accusations that Russia was behind the cyberattacks on U.S. infrastructure came as the Trump administration targeted Russians with sanctions for alleged election meddling for the first time since President Donald Trump took office.
The list of Russians being punished includes all 13 indicted last month by special counsel Robert Mueller, a tacit acknowledgement by the administration that at least some of Mueller’s Russia-related probe has merit.
Trump has repeatedly sought to discredit Mueller’s investigation into Russian interference in the presidential election, but the sanctions appeared to rely on the special counsel’s legal conclusions in deciding who should be named. The sanctions freeze any assets the individuals may have in U.S. jurisdictions and bar Americans from doing business with them.