The US Has Allegedly Placed Malware Deep in Russia's Power Grid

Smoke from a power plant in Moscow, 2009.
Photo: Mikhail Metzel (AP)

The U.S. has deployed “American computer code” into Russian systems operating the nation’s power grid, the New York Times reported on Saturday, as part of the Donald Trump administration’s efforts to “deploy cybertools more aggressively.”

According to the Times, which cited “current and former officials” with knowledge of the situation, the Pentagon’s U.S. Cyber Command has moved to act on new authorities and independence granted by the White House and Congress (which themselves build off attacks authorized by Trump’s predecessor, Barack Obama). The government has remained publicly quiet on what specific actions have been taken, the paper wrote, but national security adviser John Bolton said on Tuesday that the U.S. was taking a more aggressive offensive stance in cyberspace “to say to Russia, or anybody else that’s engaged in cyberoperations against us, ‘You will pay a price.’” Cyber Command chief General Paul M. Nakasone has also been an advocate of “defend forward” capabilities in the event of a cyberattack on American systems.

Advertisement

While some prior reports of Russian intrusion into U.S. power systems have been shown to be exaggerated, the FBI and Department of Homeland Security warned last year that Russian state-linked hackers appear to have been probing parts of the energy grid for weaknesses. The Times report makes note of such an attempt to break into computer systems at the Wolf Creek Nuclear Operating Corporation—which the DHS later told TechCrunch appeared to be “be limited to administrative and business networks”—as well as “previously unreported attempts to infiltrate Nebraska Public Power District’s Cooper Nuclear Station, near Brownville.”

The U.S. government has also accused the Russian government of extensive interference in the 2016 presidential elections, including hacks of Democratic Party-linked email systems and a campaign to promote propaganda and disinformation on social media. According to the Times report, the Pentagon has justified some of its moves by pointing to the need for a deterrent during the 2020 election season. (The White House, of course, has spent much of its time and energy over Trump’s first term trying to convince the public that his campaign did not collude with the Russian government, though the president recently claimed he would happily take such assistance if it was offered.)

The Times’ sources said that the U.S. has placed potentially devastating malware inside Russian systems both as a warning and as a way to build retaliatory capabilities in the event of a “major conflict... between Washington and Moscow.” While Trump passed a classified executive order in 2018, National Security Presidential Memoranda 13, giving Nakasone more power to conduct offensive operations without pre-clearance by the White House, the paper noted that special powers granted by Congress the same year have greatly expanded the scope of those operations:

But the action inside the Russian electric grid appears to have been conducted under little-noticed new legal authorities, slipped into the military authorization bill passed by Congress last summer. The measure approved the routine conduct of “clandestine military activity” in cyberspace, to “deter, safeguard or defend against attacks or malicious cyberactivities against the United States.”

Under the law, those actions can now be authorized by the defense secretary without special presidential approval.

“It has gotten far, far more aggressive over the past year,” one senior intelligence official said, speaking on the condition of anonymity but declining to discuss any specific classified programs. “We are doing things at a scale that we never contemplated a few years ago.”

Advertisement

Other steps Cyber Command has taken have included cyberattacks on the Internet Research Agency, a Russian firm purportedly at the heart of the 2016 social media campaign.

Whether or not the U.S. now has the power to effectively turn off Russia’s electrical grids is both classified and perhaps impossible to know unless it is actually attempted, the Times concluded. The paper added that two sources said they were under the impression that the president was not given detailed briefings on U.S. efforts to infiltrate Russian power grids, with Trump’s own advisers wary he might respond by shutting the missions down or discuss it with Russian officials.

Advertisement

Russian President Vladimir Putin, for his part, recently told reporters that relations with the U.S. are deteriorating and “getting worse by the hour.”

[New York Times]

Advertisement

Share This Story

About the author

Tom McKay

"... An upperclassman who had been researching terrorist groups online." - Washington Post