The infosec cold war continues to grumble on under the surface. In today’s episode, deep-throat sources claim the U.S. has implanted malware deep into Russia’s electricity grid.
The idea, we’re told, is to make Russia think twice about meddling in America’s infrastructure. By placing persistent threats, we’re ready to fight back, should retaliation be necessary. U.S. Cyber Command’s Gen. Paul M. Nakasone (pictured) only has to give the order, and it’s forever midnight in Moscow.
But hang on, something smells fishy. In today’s SB Blogwatch, we fail at being credulous.
Your humble blogwatcher curated these bloggy bits for your entertainment. Not to mention: S&L.
US ICS APT WTF?
What’s the craic? Nicole Perlroth and David E. Sanger work their sources—“U.S. Escalates Online Attacks on Russia’s Power Grid”:
The United States is stepping up digital incursions into Russia’s electric power grid … current and former government officials said. [The] deployment of American computer code inside Russia’s grid and other targets [is] a classified companion to more publicly discussed action directed at Moscow’s disinformation and hacking units.
The administration declined to describe specific actions it was taking under the new authorities, which were granted separately by the White House and Congress last year to United States Cyber Command. [But] John R. Bolton said the United States was now taking a broader view of potential digital targets as part of an effort “to say to … anybody … engaged in cyberoperations against us, ‘You will pay a price.’”
The commander of United States Cyber Command, Gen. Paul M. Nakasone, has been outspoken about the need to “defend forward” deep in an adversary’s networks . … Trump issued new authorities … last summer … giving General Nakasone far more leeway to conduct offensive online operations [and] little-noticed new legal authorities [were] slipped into the military authorization bill passed by Congress last summer [which] approved the routine conduct of “clandestine military activity” in cyberspace.
Officials at the National Security Council … said they had no national security concerns [with us] reporting about the targeting of the Russian grid, perhaps an indication that some of the intrusions were intended to be noticed.
And Matthew Choi reports that “Trump slams” the story:
The United States has increased measures to penetrate Russia’s power grid as a message to Moscow to stay out of American cyber infrastructure. The efforts lay an aggressive groundwork for an attack on the Russian grid on an unprecedented scale if the two countries were to enter into conflict.
How deeply the U.S. has penetrated Russian systems remains classified. … Trump flatly rejected the Times’ story, calling it “a virtual act of Treason by a once great paper so desperate for a story, any story, even if bad for our Country.”
But are we being useful idiots by repeating it? Here’s Actually, I do RTFA:
Publicizing the plan [was] intentional. It’s kinda like Dr. Strangelove, if you’re going to be practicing deterrence, why they hell would you keep it a secret?
There were tons of reports of Russia doing similar attacks to US power infrastructure in the past few years. And they overtly did so to Ukraine. Being able to retaliate in kind (and have that ability known) is important.
You can both build a weapon and bemoan its existence. I mean, look at nukes. I think most people, and the US in particular, would be very happy with a magic wand that made nukes no longer function. But just because you wish it didn’t exist doesn’t mean you don’t develop it. And just because you develop it doesn’t mean you try to make sure it’s use is beyond the pale.
Sounds worrying. Leo Laporte comments, “The cyber Cold War escalates”:
We are in a situation where there is a new Cold War going on. And it’s going on with cyber attacks. … We know that the Russians have for years been putting malware in our power stations, on our power grid they’ve been doing it for a long time.
So what’s the response? Well, you know, the natural response would be, “Let’s see how we can secure these.” Or … what the nations of the world did after World War One: They got together and said … “We need some treaties, so that mustard gas and other poison gases will never be used again.” Maybe you could do that? Or … “Let’s escalate the matter—let’s put our own malware in the Russian grid.”
So get ready because … a couple of years ago, Ukraine was down for considerable time, in an attack perpetrated [by] the Russian Federation. … What if there’s a cyber war and the Russians kick our power out? … Imagine what would happen in the nation’s cities if the power were out for seven days or a week or a month. … We only have food supply for three days!
I think this is it’s about to get interesting. … And I’m not just talking about election meddling … I really don’t even fear that any more, compared to an attack on our infrastructure by faceless hackers.
And HD Young agrees, but calls it, “standard stuff”:
Read spy history. This stuff is standard.
We constantly do this stuff to the Russians, the Russians constantly do this stuff to us, and now China is getting into the game.
Make some popcorn and buckle up, buckaroos. The next few decades are gonna be interesting.
Follow the money, says Rich Tehrani—“U.S. cybersecurity and Russia have been coinciding more frequently”:
National Security Advisor, John Bolton [was] asked about the biggest threats. He said, “It’s China, Russa, Iran and North Korea. We’ve seen it in multiple hacks. The damage was done in both the private and the public sector.”
The new policy is to impose costs on the enemy, until they get the point. It is unknown exactly how far they need to go for this to happen and whether the response to aggression will be attacks on weaker targets.
Since the … Iraq war in 1990, the world realized going up against American military might, head-to-head, was out of the question. Instead … the enemies went after soft targets … such as buildings and docked ships. Citizens who ended up in the wrong place were also killed.
Corporations need to be aware that the playing field is changing and increased threats may be on the way.
But melted says it’s just “fake news”:
No concrete sources and [no] corroboration. … 99.999% chance that it was just made up to drive clicks and **** on Trump.
Meanwhile, Dr. Vesselin Vladimirov Bontchev—@VessOnSecurity—just laughs it off:
Let me … say that, unlike the Americans, the Russians are used to having their electricity turned off. … So for them it’s just a mild annoyance.
One more possibility: That there are no implants. The “anonymous sources” … send a signal to Russia, hope to deter the Russians, and at least make them waste their time and efforts to search for implants. A psy-op.
You have been reading SB Blogwatch by Richi Jennings. Richi curates the best bloggy bits, finest forums, and weirdest websites… so you don’t have to. Hatemail may be directed to @RiCHi or email@example.com. Ask your doctor before reading. Your mileage may vary. E&OE.