
From Russia, With Love

July 17, 2018

The title of this post is identical to the title of the Prologue from “The Perfect Weapon: War, Sabotage, & Fear in the Cyber Age.” Andy Ozment was in charge of the National Cybersecurity & Communications Integration Center, located in Arlington, VA. He had a queasy feeling as the lights went out the day before Christmas Eve, 2015. The screens at his center indicated that something more nefarious than a winter storm or a blown-up substation had triggered the sudden darkness across a remote corner of the embattled former Soviet republic. The event had the markings of a sophisticated cyberattack, remote-controlled from someplace far from Ukraine.

This was less than two years after Putin had annexed Crimea and declared it would once again be part of Mother Russia. Putin had his troops trade in their uniforms for civilian clothing, and they became known as the “little green men.” These men with their tanks were sowing chaos in the Russian-speaking southeast of Ukraine and doing what they could to destabilize a new, pro-Western government in Kiev, the capital.

Ozment realized that the middle of the holidays was the ideal time for a Russian cyberattack against the Ukrainians. The electric utility providers were operating with skeleton crews. To Putin’s patriotic hackers, Ukraine was a playground and testing ground. Ozment told his staff that this was a prelude to what might well happen in the United States. He regularly reminded his staff that in the world of cyber conflict, attackers came in five distinct varieties: “vandals, burglars, thugs, spies, and saboteurs.” He said he was not worried about the thugs, vandals, and burglars. It was the spies, and particularly the saboteurs, who kept him up at night.

In the old days, they could know who launched the missiles, where they came from and how to retaliate. This clarity created a framework for deterrence. Unfortunately, in the digital age, deterrence stops at the keyboard. The chaos of the modern Internet plays out in an incomprehensible jumble. There are innocent service outages and outrageous attacks, but it is almost impossible to see where any given attack came from. Spoofing the system comes naturally to hackers, and masking their location is pretty simple. Even in the case of a big attack, it would take weeks, or months, before a formal intelligence “attribution” would emerge from American intelligence agencies, and even then there might be no certainty about who instigated the attack. So this is nothing like the nuclear age. Analysts can warn the president about what is happening, but they cannot specify, in real time and with certainty, where an attack is coming from or against whom to retaliate.

In Ukraine, the attackers systematically disconnected circuits, deleted backup systems, and shut down substations, all by remote control. The hackers planted a cheap program, malware named “KillDisk,” to wipe out the systems that would otherwise allow the operators to regain control. Then the hackers delivered the finishing touch: they disconnected the backup electrical system in the control room, so that not only were the operators now helpless, but they were sitting in darkness.

For two decades, experts had warned that hackers might switch off a nation’s power grid, the first step in taking down an entire country.

Sanger writes, “while Ozment struggled to understand the implications of the cyber attack unfolding half a world away in Ukraine, the Russians were already deep into a three-pronged cyberattack on the very ground beneath his feet. The first phase had targeted American nuclear power plants as well as water and electric systems, with the insertion of malicious code that would give Russia the opportunity to sabotage the plants or shut them off at will. The second was focused on the Democratic National Committee, an early victim of a series of escalating attacks ordered, American intelligence agencies later concluded, by Vladimir V. Putin himself. And the third was aimed at the heart of American innovation, Silicon Valley. For a decade the executives of Facebook, Apple and Google were convinced that the technology that made them billions of dollars would hasten the spread of democracy around the world. Putin was out to disprove that thesis and show that he could use the same tools to break democracy and enhance his own power.”