I do not believe Russia or proxies came close to disrupting U.S. electric power transmission or substation facilities. See: for reasons too detailed & complicated to explain. Sample: antiquated schemes can be impossible to hack.
--former Relay & Control Engineer, New England Electric System (NEES)
3
I should think critical infrastructure that needs to be inter-connected, like power plants, should have a separate network that can NEVER interact with the internet.
6
This is about leverage, and maybe the ability to blackmail. They don't care if we know. That's the point. It's a deterrent. And if they have the right leverage over important people, and the ability to cripple our infrastructure if they so choose, they can get what they want in policy areas.
2
We are in reactive mode. "Oh, my gosh, look what they're doing! That's scary!" But I don't get one iota of a sense that our government is fighting back. Until and unless Russia feels harsh pain in retaliation for what are nothing less than acts of war, they're going to keep right on doing what they're doing.
2
While I agree with comments here that republicans must be destroyed, as they seek to destroy America, these Russia-did-it lies come from democrats it appears. Now what do these two have in common? Billionaires and multi-millionaires. They have destroyed America to the brink of unsustainability and are ready to unleash complete annihilation to cover their tracks.
Do not pretend that those who provide these lies they call stories, are somehow "better billionaires".
All billionaires and multi-millionaires who have led America to its destruction must be destroyed.
And then, America has a chance.
1
It is amazing how movies reflect ongoing life. Bruce Willis movie Live Free or Die Hard in 2007 is too close to reality. What is most worrisome is the apparent failure of our government to address the obvious.
1
There is no excuse for the controls to ANY public energy device being linked to the Internet.
6
Ted Koppel's Book: "Lights Out" written in 2015 set this all out very clearly. Trump has knowingly and intentionally allowed Russia to do this by telling our countermeasures to stand down. Its very clear what Trump is doing and very clear what the Republicans have covered up. Buy why? Why do Republicans want Putin essentially reassembling the Soviet Union and assuming dominant world leadership.... if its because Putin promised Trump financial gain, so be it. But what are all the other Republicans getting? To be in office during this wonderful administration - the one that can't keep anyone for more thann 3 months? Republicans everywhere are rejoicing that Putin is our leader and that Trump has obediently allowed Russia to infiltrate our infrastructure. Amazing.
3
“I would say right now they do not think much will happen to them,” General Nakasone said. He later added, “They don’t fear us.”
Someone in the White House needs to sit down with Mr. Trump and explain to him in clear and very precise language what that means to the security of the United States. Within 15 minutes of that conversation the perpetrators of the actions against the U.S. should have a great deal of fear as the first cyber attacks strike hard.
The problem is not Russia. The problem is Donald Trump. He is obligated by his oath of office to protect and defend the United States.
5
Some of us remember President Obama's Jobs Act of 2011. It was a major infrastructure proposal to update and upgrade or electrical grid, airports, roads and bridges. One of the more salient issues at the time was trying to prevent our acknowledged vulnerable electrical grid system from just this kind of attack. Th GOP filibustered the bill. Ironically, now, after adding $2 trillion to our debt for the primary benefit of the wealthy, they are considering an anemic infrastructure plan that will do NOTHING to prevent another attack, let alone fix our roads and bridges. These guys are just shameful--and shamelessly so.
14
Who came up with the bright idea of putting all these controls on the Internet?
5
Ok, here's what I don't understand - what is the US, the world's only remaining superpower, doing to combat this aggression by the Russians. Sounds to me as if all its done is roll over and play dead . . .
5
Like the massive trillion and a half dollar tax giveaway to the 1%, our defense budget is obviously money well spent. This story lets all of us know that we have a $597,000,000,000 dollar security system that can be disabled by a paperclip. Billions and billions and billions spent on conventional ground war machinery that will probably never used (hopefully). Meanwhile, our entire country can be brought to its knees by a Russian with a laptop.
I'm still waiting for Trump to suggest that this was merely "good people" trying to help us cut down on our electric bill....
5
I don't think a proportional response is limited to response in kind. Cyber war is war. There is no logical, legal or ethical reason to only reply to an assault with the same type of weapon. Be a real shame if something should happen to that shiny new ice breaker.
2
Can someone, anyone, please describe the path by which the Russians gained access to the computer systems used to operate these facilities? I can't think of any means of entry except the Internet, which invites the question, "Why are these systems connected to the Internet?" I can think of no reason why these systems *MUST* be connected to the Internet, though I suppose it affords some conveniences. So the question is this, "Is having such conveniences worth the risk of a hostile takeover and shutdown of our utilities?"
11
Russia had help - Landis + Gyr has been on a mission to make the American and Canadian power grid as insecure as possible via cost cutting and outsourcing everything possible to India to untrained, unskilled workers that simply cost less.
5
I received this alert yesterday from DHS's CERT (Computer Emergency Readiness Team), titled "Russian Government Cyber Activity Targeting Energy and Other Critical Infrastructure Sectors":
https://www.us-cert.gov/ncas/alerts/TA18-074A
This is for real, folks. And I shudder thinking of who's in command to protect us from this.
8
I’m not trying to be bellicose, but these actions by Russia strike me as acts of war.
8
What are we doing about this? Can we retaliate or are we at the mercy of the Russian government? This is really scary.
4
Seriously, since when of any of this new news? As far back as 2006 when it was reported by Foreign Policy that the source code was given to the PLA and Russians that cyber attacks increased. I even wrote a scifi story about this that matches today and that was based on research and pure speculation. The infrastructure has been attacked a number of times, its vulnerability discussed a number of times and a white paper "CYBER WARS, A PARADIGM SHIFT" goes into hair curling detail.
1
It is kind of sobering to realize that many of the 8000 vote-tallying machines, not the local machines where ballots are cast, are also connected to the internet. Remember the massive internet outage that took place 3 weeks before the election? Couldnt possibly be connected, or could it?
3
If we know they are there, then why can’t we clean them out? I don’t get it and the article does not answer this simple question.
6
Is extensive computerization a mistake? Can we revert to a safer if more cumbersome system? It seems too easy to hack in. We seem too vulnerable, even to kids who may see hacking as a computer game. It's easier to hack than to prevent hacking, a losing and expensive battle. This applies to voting also, of course. We seem too vulnerable to serious mischief than could shut us down.
3
The headline for this article on the front web page reads, "Russia Could Have Switched Off U.S. Power, Officials Say." Why just "could"? They undoubtedly still can. And almost certainly China, as well. And potentially North Korea, and Iran.
In some sense, this is not news. We have known for some time that Russia has had serious capabilities in this direction. What is new is how openly our country is now discussing Russia's capabilities.
While the possibility that Russia could sabotage US or European power grid components is mentioned almost in passing in this article, the prospect of physical damage to the grid is overwhelmingly serious. What this article does not say is just how damaging to a country and its population such an event could be. In particular, a well-respected national study has shown that serious, well-targeted sabotage of a few key points in the US power grid could potentially knock out most of the grid for months to years. The resulting damage to our country would be unfathomable.
Adm. Michael Rogers, Commander of US Cyber Command, has said that it's a matter of when, not if, our country experiences a serious cyberattack on critical infrastructure. As individuals and communities and as a nation, we are wholly unprepared for a large-scale attack on our critical infrastructure. As individuals and communities and as a nation, we must invest a lot more of our time and resources in preventing and becoming more prepared for such an attack.
7
We find hacking in the banking sectors, retail establishments, the internet, utility companies, social media and so on. Companies have got to be held responsible and punished severely for allowing themselves to be infiltrated. They are not investing enough money on protecting their computers and so we all suffer. It's only a matter of time before the cloud goes down.
4
I have been telling anyone i know to prepare for an attack on electricity infrastructure. Try as they might, utilities cannot keep pace with state-sponsored hackers from any number of countries. I would be shocked if the Chinese and at least half a dozen other countries don't have this capability. Transmission facilities are also vulnerable. One wonders if the recent air traffic control and water treatment facilities are also at risk. Many essential facilities are owned and operated by municipalities. Do you think that they are immune to an attack? This is an urgent issue and requires a national response. Yes, folks there is a role for government in protecting our economy and its not tariffs or keeping dying industries alive.
9
How many more revelations will it take before voters start demanding the exclusive use of hand-counted paper ballots for the 2018 mid-term elections?
Of course, that won't solve the problem of Russia's ability to hack into voter registration rolls -- and if Russian hackers delete names using the same "logic" as Kris Kobach's Crosscheck program, any number of likely Democratic voters will be turned away at the polls or forced to use provisional ballots (which are counted at the discretion of local election officials, most of them Republicans).
7
There's real irony here not yet mentioned, to my as usual uncertain knowledge.
National security being defined as our ability to spy on everyone rather than allowing for secure transmission across the internet seems to have created a blowback here.
The US government in the form of NSA, etc. has been arguing just about forever that it needs to have a back door to everything on the internet.
Irrespective of whether there's been Russian, North Korean, Chinese, Israeli, or British intrusion, this insistence on having a hack-able system rather than the secure one those blankety-blank open source software and other weirdos have argued for is almost certainly part of why the the problem exists.
Another piece has to be the industrial failure to create secure systems from the ground up in an effort to get products out the door quickly and cheaply.
There should be time to still fix this while we still have the world's best software and hardware developers. At the rate our intellectual capital is being dissipated, this may not be the case much longer.
3
Turns out the administration is gutting research on a ton of things at the DOE (fusion power, biological sciences, alternative energy, physics) to give quantum computing a big boost-- though with overall flat funding (which is a cut in its own right). This article lays bare the costs of not finding a solution to the hacking problem. While quantum encryption technology holds future promise, should we really be robbing Peter to pay Paul? Shouldn't all the sciences get a big increase as we don't know over what horizon a solutions to our many problems lay? Fundamental high-energy physics research enabled us to begin to probe the quantum world, after all. In its own right, this is guns and butter issue - this is another way of increasing military funding at the expense of nurturing the nation's populace with well-funded research institutions, world-class schools, national healthcare, etc. By not nurturing the minds and bodies of our citizens, we foster a population living in ignorance, incapable of rising to the intellectual demands necessary to combat these technological issues. I mean... You have General Nakasone saying they don't even fear us. Perhaps the root of that lack-of-fear goes a bit deeper than we care to admit and requires a bit of looking in the mirror. Our not being #1 in education and health outcomes seems to me to be the largest military threat facing the United States. "It is in the region of ignorance that tyranny begins." - Benjamin Franklin
3
This is the new face of war. We should stop allocated billions of dollars to conventional weaponry and aim it instead on our digital vulnerability.
4
Does anyone believe Russian hackers found a way into the software of crucial US infrastructure and did no harm? They hacked power plants for fun? As a warning? They probably left back doors and malware that could be activated later. I would like to think we are quietly forcing the corporations running our infrastructure to disconnect controlling software from the internet and that we have teams of cyber specialists scanning crucial software. But we do not force corporations to do anything, not even to pay taxes, they are in control. Lobbying and dark money have produced a legislature of looters and a President who is indebted to Russia for saving his businesses and wags his tail when Putin compliments him.
Putin boasted that he had nuclear weapons that could not be defended against - a distraction. His weapons are Trump, social chaos, infrastructure malware, and corruption. We are in danger.
6
What has our “ so called president “ done about this ? NOTHING .
This is a dereliction of duties in the highest degree. Since Republicans couldn’t care less , Democrats need to take over the House and start impeachment proceedings on the grounds that President Trump is not acting in the best interest of our country .
7
Unless and until makers of computer controlled equipment (and what isn't these days) have a financial incentive to make their systems secure, there will be no cyber security. It is far easier and cheaper to pawn off the consequences of security breaches to the companies that use these products. When an automobile manufacturer produces cars that are unsafe, the government steps in and mandates fixes, recalls, etc. The same should be true for these computer controlled systems. All of our critical infrastructure should be hardened and should have to pass government mandated penetration tests. If a test fails, the creator of the system must be forced to address the weaknesses. That should be true whether the maker of the system is a third-party supplier to the infrastructure or the infrastructure provider itself.
Big government? Yes. But big problems require big mandated solutions. Otherwise no one will ever fix these problems.
4
I'm 57, not 157, but as a boy in Britain I can remember doing my homework by candlelight (during power outages at night) and buying paraffin to power small heaters. And, in the 1960s, my family's living without: a car; a fridge (food keeps in temperate climates); a television; a telephone... And yet, here I am!
2
If you are in a place where you can do this, buy a generator. Learn how to hook it up properly, use it, and maintain it yourself (have a stock of parts that need changing or might fail). Choose if you can a fuel that is not wildly expensive and have a stock of it properly and safely stored. Understand how long you can use it on a daily basis and what appliances you can "shuffle" when it's on. If you can't do this because of residential rules or circumstances, you'd better ingratiate yourself to someone who can.
It looks like we're back to preparing for subsistence living. As someone who went three months without municipal power due to hurricanes, I will never live without a generator again.
3
Why does powerplant need to be connected to internet anyway?
That doesnt make sense. Anything online can be hacked. Dont see why reactor should be online.
13
Husband I were just talking about this. It doesn't seem like there's a good reason to have any of our crucial infrastructure online...we've known for decades that there's no way to fully secure anything with internet access. I can't see how any convenience gained by this would warrant the risk.
5
The entire power system is interconnected to each states ISO, or Independent System Operator. They in turn are interconnected to other ISOs. Due to varying power generation abilities and varying power demand, it's the only sensible way to power the country. Otherwise, every city, town, state and region would have to maintain the ability to independently meet peak demand on their own at all times.
2
Donald, how much will it cost to upgrade internet security for our power grid. Will you take the money from elderly people's medicare and social security, or will you take it from the military budget?
15
How much more clear does it need to be for people to realize our own government is not working for us anymore? The GOP is nothing but a bunch of angry money grabbing rhetoric churning greedy men with their heads in the sand who, in effect, weaken our great nation from the inside out. Shameful, self centered and deeply arrogant!
20
When are the adherents of free market philosophy going to step up and satisfy this obvious market niche by protecting our national power grid and our infrastructure? Anyone? Anyone out there? I thought free and open markets was the answer to all ills.
7
But Obama told us that Russia was not a strategic threat to the United States, and The Times and the rest of the progressive intelligencia agreed.
5
Are you right all the time? I’m not. While Obama’s administration may have underestimated the Russians’ hacking capabilities, the issue really is what response is appropriate now? Do we retaliate? Risky. Probably not. We redouble our security standards for power systems at a minimum, and increase our surveillance of Russian FSB units.
4
I hate to be an alarmist, but it's hard to consider this being much short of an act of war. We need to make it painfully clear to Russia (with an emphasis on the pain) that this is not acceptable. I suspect that if we did to Russia what we did to Iran during the hostage crisis, seize the assets of Russian oligarchs, we'd see the behavior turn around pretty quickly.
Alas, we have a president and several Trump-party Russo-bots running around Congress that are in bed with those very same oligarchs.
11
The new tax bill helps small businesses and slightly helps middle class taxpayers, but the great majority of the money goes to rich individuals who do not need it, and will not spend it to buy things within our economy, and large corporations that already had excess cash that they were using to buy back their own stock shares, and will certainly do the same with this windfall. One time pay bonuses should not distract middle class workers from their long term fate. Aside from being greedy and saddling our grandkids with a huge deficit, the tax bill ruins the possibility to repair and upgrade US infrastructure, in this case specifically the hardening of power grid and power plant computer systems against foreign hacking. We have made this choice and now we are weak against our foreign enemies. I wonder if Trump supporters realize this.
16
I am middle class but I also know that the "Rich" already pay the lion's share of income taxes in the US. We just need to stop warring around the globe.
I want to mention that I think companies should invest far more in cyber security. Their risk vs. cost ratio analysis is, from my point of view, not sufficient, its simply the wrong approach. Because they need to remain competitive, they take risks that, even though unlikely, are extremely destructive when they happen. I work in a company dealing with cyber security, and not many care about most basic security standards (such as dont bring your private USB device from home to work). In especial the NYT should be very careful when it comes to cyber intrusion, journalists are an easy target. In the future, maybe countries will even start to build their own operating systems to avoid dependency and risks?
3
To get a sense of what could happen, especially if/when cars become interactive, read Daniel H. Wilson's novel "Robocalypse." Highly recommended!
https://en.wikipedia.org/wiki/Robopocalypse
2
Where is the money for fighting a threat like this? Where are the students and thinkers to help puzzle the way forward? Where is our government infrastructure when a serious threat appears on the horizon?
Here is the problem with drowning government in a bathtub. The "go-galters" aren't able to provide what government provides: loans to promising students, support for cutting-edge thinking, money for intelligence services. It's starting to look like the Mike Lees of the world are really helping out old Vlad. The naivety of thinking we can do without the United States Government because somehow disparate private actors will step up in times of trail is just stunningly stupid.
7
How could the riches, most powerful country in the entire world be so vulnerable to these massive & destabilizing attacks?
Who is watching & PROTECTING the U.S house?
Why doesn't the Pentagon have robust defenses in place NOW to stop this stuff?
Is there an active protection coordination plan/protocol in place with Private Industry and the Government to adequately respond to a breach of the nations critical energy infrastructure?
Thanks to the media & Russian actions across the globe the American public is awash with intimate awareness of how capable, powerful & deadly Moscow's is as a rival nation. It is important that the U.S ramp up its own capacities to show not just Russia, but the world at large how prepared & willing we are to defend our country.
4
Was the Trump administration pro or con regarding this news?
1
This story resurfaces every few years but nothing seems to happen to these cyber attacked power plants.
What is going on?
3
Are we doing anything to retaliate in kind, or has the US become a paper tiger?
2
Real push-back is needed
Step one - get all US power plant and transmission operations off-line and run the systems from each plant.
Step two - clearly indicate to Russia that any engagement of our armed forces outside the norms of aviation and seafaring will be responded to as self defense to an act of aggression.
Step three - immediately ban Russian all commercial aircraft
Step four - freeze all Russian assets in the US banking system
Step five - seek the immediate withdrawal from all major contenders to the World Cup in Russia
1
to state the taboo--IT managers and those in Homeland Security do not have the brains to solve this problem. They are simply, too stupid. What's required are a team of super-geniuses ( a la Alan Turing -- see the movie Imitation Game) to stay ahead of hackers. But therein lies the problem. Those responsible are too stupid and intimidated to hire people smarter than they and who earn more. Brains are out-of-fashion during this administration.
5
Guess we need more tanks and aircraft carrier.
6
How is this able to happen to us and we not respond? How is this possible? How come we cannot defend ourselves? How come we are not challenging Russia or imposing sanctions?
3
"They don't fear us." Don't you believe it. If they did not fear us - we would have already had critical failures of energy, or "accidents" at nuclear facilities. I don't believe for a minute that the U.S. is not as capable as Russia at interfering with critical systems open to the internet.
That being said - the U.S. should stop talking about this - as they have done for decades, and spend the money needed to shore up cyber security. If we can afford to go into billion dollar deficits to give the one percent big tax breaks - we can certainly throw in a a billion more to strengthen our cyber security infrastructure. One big problem here is that our government is filled with baby-boomers that do not fully understand - as Trump calls it - "cyber."
It needs to be a priority, and so far it has not been. When you consider many of the cyber-attacks of the past few years could have been largely avoided (industrial, and personal) if people had just done their updates to software as recommended. The lassez faire attitude about securing EVERYTHING connected to the internet has to end. But I do not believe that other nations "don't fear us." If America's economy blows up due to power grid failures etc. - there too goes China's, Russia's, India's, and so on.
6
'The United States is struggling to come up with proportionate responses ...' How about a few hundred cruise missiles so enough get through to nuke the cyber warfare installations? We've now got the kind of leadership capable of doing that.
How did these power systems operate before the internet?
Somehow we had power and water.
Can we go offline for these critical industries?
4
Rather than a Military parade with marching troops and flyovers- Trump may reconsider marching a group of scientists, engineers and systems analysts down Pennsylvania Avenue.
1
I am a nuclear engineer. Our technical team made software for nuclear power plant in India (NPP "Kudankulam"). The modern nuclear plant is completely isolated from the Internet and any cyberattacks are impossible there. It is also impossible to carry a USB flash drive to the territory of the NPP.
If you have any problems with the NPP safety, invite the Russian engineers :))
3
Isn't this more critical than some stupid wall, more important than raising a stink about 'take a knee', or having some knee-jerk hissy fit about needing a military parade. If Mr. Trump can't handle the responsibilities of protecting the USA against state sponsored warfare and espionage, direct attacks on our critical infrastructure, then he must step down. Dereliction of duty at the highest level is grounds for immediate removal. There is a clear and present danger from our global enemy #1, and Donald Nero is fiddling while the nation is burning.
5
A commenter writes, "There is something very wrong with this picture. Multiple serious and threatening cyber attacks and not one word mentioned about efforts to block further Russian interference It feels like Rome is burning while the NSA fiddles."
The problem is that the commenter works on the extremely dubious assumption that, in fact, something can be done electronically to prevent these attacks. To the contrary, every bit of evidence indicates that the only real solution is to isolate our critical systems from the internet.
We went to war in Iraq over phony claims of weapons of mass destruction. What happens when an enemy is able to take over targeting or launch control of our own very real WMDs?
Even as the unavoidable vulnerability of the internet becomes more and more apparent, we wallow in greater and greater connectivity, endangering not merely our bank accounts, privacy, and personal security but, more importantly, the security of our infrastructure, productive capacity, and government communications, as well as the military's command and control.
It is one thing for individuals to choose to live in self-delusion, pretending they are not trading their privacy and security for the "joys" of Facebook, Google, and their iPhones. It is an entirely different matter when a society engages in such self-delusion. On this, we need leaders to be leaders, because, the way things stand now, it would give ostriches an undeserved bad name to compare Americans to them.
5
The real question may become: “Who wants to start WWIII?”
The sad part is that none of this needed to occur. If the internet and associated web were slowly developed with the needed software to prevent such issues to a large extent, then we would not need to spend so much time and money trying to fix it. But the growth at all costs mantra has made that impossible. And now all costs are coming back to haunt us.
Ironically, my browser crashed when I first tried to post this.
2
Apparently the USA can do and is doing the same thing as the Russians, as it demonstrated in Iran. So what is the solution? Better international rules and agreements to stop such destructive assaults or better technologies to prevent such attacks?
2
So our "defense" is to issue vague threats of retaliation? Fantastic. Why are these facilities even open to the internet? They should be hermetically sealed for their own (our) protection. Meanwhile Zinke gets soundproof booths and private travel for "safety."
2
So we have Putin successfully engaged in ongoing war on the USA and the West: cyberwar, control of elections, threatening nuclear war, unstoppable bombs to hit designated US targets, a chemical attack on Britain, and now attacks on our power grids. But the REALLY bad news is that the Traitor President is on Putin's side! What is the definition of treason? The Traitor President is insulting and threatening our ALLIES, not our enemy, and the big painful tariffs he proposes will hurt out allies, with the goal of breaking up the EU. A national security emergency, folks! Again, what is the definition of treason?
5
How is this not war preparation? How is this not an invasion? The US is paralyzed. Pitiful. Sitting duck. Is there no-one in charge?
2
'hackers'
'Russian hackers'
'Russian state hackers'
"RUSSIA"
And this last one will stick in the public's head.
No proof or verification needed. Just repetition.
2
Hmmmm... that would explain the discrepancy between the results of the pre-election polls and the results of the election.
3
Wouldn't it be ironic if we needed the very immigrants we are trying to keep out to help us secure our country in the first place? I hear they are good at tech support...
1
How many fighter planes (and Aircraft Carriers) does it take to keep the lights on or prevent rigging a voting machine? "In Case of Emergency" who ya gonna call?
1
A gas pipeline explosion in Russia in the early 1980's was at the time attributed to the US inserting rogue software into programs used to control the pipelines pumps. Although this story has been debunked as untrue it was widely believed by the public at the time. see https://en.wikipedia.org/wiki/At_the_Abyss
If we do have the capability at the present to actually do somethings like this would we admit it in public? The opposition knows our capabilities. It is widely believed that our software caused Iranian centrifuges to malfunction. This is like chemical and atomic warfare - if both sides have equal ability it is unlikely to be used.
What about all the hacks into government and corporate computer systems, theft of trillions in intellectual property, spy theft of nuclear secrets by "students" at our universities perpetrated by the Chinese that are mentioned under the fold for only one day in the NY Times and the rest of the media? And what about all the Asian invasive species and exotic diseases mysteriously flooding into America along with the "free trade" junk that is impoverishing our nation? Why are all these war like attacks by China forgiven by our rich and powerful? Oh, that's right our 1% are willing to pay any price in average citizen lives, jobs and taxpayer paid for R&D and infrastructure, and ecological degradation as long as they have access to 100's of millions of no rights slave workers in China! While ... Russia does not "zero out" its infinitesimal by comparison aggression damages by allowing our Robber Baron Left/Right plutocracy to use their citizens as low wage slaves. So again ITS ALL ABOUT THE MONEY for our holier than thou hypocritical elites who pretend to care about "Russian fingers on the switch". I mean surely our contemptuous of common citizen elites who would kill half the US population for a few more dollars in their bank accounts have backup generators, and a private jets to escape whatever catastrophes they visit on the rest of us inferior baskets of despicables.
3
Let's get back to humans at the switch instead of the Internet at the switch.
5
Power grids, defense networks should be on separate isolated networks. There is no reason to have them on the Internet. Different network protocols, security from ground up. There will be no security until that is done.
7
Actually, there is a security protocol that utility companies adhere to, it's called SCADA (Supervisory Control And Device Acquisition). SCADA based stuff has been penetrated more than a porn star, Stuxnet being the most known. SCADA specifies isolation, but, as we saw in the case of Stuxnet, all it takes is one slip up with a USB drive.
2
We do the same with them—and every other country, so it’s similar to the nuclear “balance of terror.” But if you asked most power companies, they’re more immediately worried about a kid with a brick knocking out a transformer than Russia, China, other nation-states, terrorists, or freelancers.
3
Remember the PDB in which Bush was warned that bin Laden was intent on sticking the U.S.? How is this not, potentially, even worse? Imagine the scene if hackers were able to disable multiple nuclear plants all at the same time, all across America? What if the shutdowns didn't go as planned. This is truly terrifying!
2
Where is U.S. cyber protection?
Where is the decision to feee the money our intelligence agencies and military said was allotted but not okayed to utilize? Why can’t we defend and respond? We are siting ducks all because Republicans are too busy and too old, counting their personal wealth and ignorant about facts of our enemies as well as incontrovertible facts about the peril of global warming and the environment! When something goes terribly wrong and kills Americans they’ll say “nobody saw it coming”. They are unfathomably ignorant in their lack of bold action and leadership on our own behalf but also as part of leadership and action with our friends and allies.
4
There are guys out there that want to do a lot more, but they can't, they haven't received orders from the WH. The head of the NSA and US Cyber Command, ADM Mike Rogers is about as straight a shooter as you'll get. Among cryptographers, he is really the "Bullfrog". Last week he said he had received no orders, and above all, Mike Rogers is a disciplined sailor.
All of the old SCADA stuff, don't get me started.
Connecting operational control computers to the internet is just ignorant. If an organization has ANY concern about a piece of equipment they should place it behind a network firewall. The best network firewall is a private network with NO connections to any computers that are on the internet. This is not hard but it does require some thought and effort.
9
Its not operational control computers that are being threatened, its the PLC that controls operations in almost any process. These are the "brain" that tells each piece of the equipment when to open, close, stop, go, ect. Each plc is programmed to accomplish a certain task. The only way these plc's are programmed is through a computer.
Please-o-please stop with the effort to paint this Administration as being proactive on the matter of Russian sabotage. What was it Trump said when Obama tried to warn him about Russia; something on the level of "Just Sour Grapes." (It's always all-about-him). The fact Donald J. Trump can no longer feign ignorance- is not noble. Yet- what is being done- now- to protect power grids; voting machines and all else: Lip service isn't a very handy tool.
7
Putin is pushing the envelope, seeking to disrupt an analog network, which may result in a complete disconnection of traditional communications world wide.
The man is a died in the wool Soviet spy. It's all he knows.
2
We went to war in Iraq over phony claims of weapons of mass destruction. What happens when an enemy is able to take over targeting or launch control of our own very real WMDs?
Even as the unavoidable vulnerability of the internet becomes more and more apparent, we wallow in greater and greater connectivity, endangering not merely our bank accounts, privacy, and personal security but, more importantly, the security of our infrastructure, productive capacity, and government communications, as well as the military's command and control.
Self-delusion may not be good for an individual, but it can be positively fatal for a society.
2
Is anyone else watching the Norwegian drama, "Occupied" that tells of a Russian takeover of Norway without firing a shot (almost) on the pretext of needing to restart the oil pumping that a "green" government halted in favor of using thorium to produce energy? It's a chilling and unfortunately plausible scenario.
2
So is Russia planning on shutting off machines on election day? This idiot president is putting us all in danger with no consequences!
3
The Alfa is too quick
It's only a matter of time.
Read more: https://www.springfieldspringfield.co.uk/movie_script.php?movie=hunt-for...
Maybe Russian cyberattacks had, or still have, the capability to shut down water and power infrastructure in the U.S. And maybe not. But one thing is very certain: nothing that the Trump administration says can be believed. The administration and the president have zero credibility.
This fact is the inevitable consequence of DJT knowingly and intentionally telling lie after lie after lie. Sad. Hopefully voters will remember in November, 2018 and 2020.
5
"It is unclear what their perceived benefit would be from causing damage on U.S. soil, especially given the retaliation it would provoke," Mr. Cornelius said.
Putin just wanted to do it because he can, and it was a power boost to his massive ego. He is just another deranged dictator who thinks he can rule the world, and the proof of that statement is his global waging of war, cyber and otherwise.
Unfortunately, most countries have just reacted defensively to his cyber attacks despite how he brought down the Ukraine. This just made him bolder as only offensive tactics work with bullies. Defensive actions are considered weak and Putin as much as said that more than a few times in derogatory public statements.
Kudos to our intelligence community, and Mr. Mueller and his staff. Our Department of Energy is creating an Office of Cyber Security and Emergency Response (CESER). I know DOD has a cyber defense unit but maybe our FCC should as well, and our intelligence community may need one central cyber security agency. But, that would be for them to decide.
None of the information in this article surprises me and I am glad that Americans are now being made aware of just how much jeopardy we are in if we do not protect our democracy, our U.S. elections, or our infrastructure from attack. The world is at war and the battle fields are our cyber space.
2
How many years ago did Richard A. Clarke warn us about this? (-- Yes, the same Clarke who warned Bush and Rice about an event like 9-11 a few months before it happened.)
We are a very slow-witted, poorly-educated people who keep voting into power those whose first priority is to lower taxes for the wealthy at the expense of the overall public weal. Will we have to ask ourselves in the future whether our own inaction was our undoing? I hope not. Then again, I don't put much stock in hope.
2
Nothing the Russians do is a surprise any longer since they were able to place Putin's stooge, Donald Trump, in the White House with GOP help.
6
Great! We have a President who is silent and soft on Russia. Any actions that the US has taken have only happened because we still have a few Republicans and Democrats in Congress who forced the issue. Every day it feels more and more like we have elected the Manchurian candidate into office. His tweeter has gone silent on the REAL threats to America.
3
Isn't this an act of war? Isn't this the cyberwar that Leon Panetta (and others) warned about? And what are we doing to defend ourselves? Or am I missing the picture. What if it resulted in the meltdown of a nuclear power plant like the cyber attack could have created with a petrochemical plant in Saudi Arabia? Would people get upset then? Time for action on several fronts before it is too late.
3
How do we know the attack is from Russia, and not a bed ridden 400 lb person with a computer in the US?
2
You mean Trump?
As part of the cyber-security community, I have been sounding the siren about this threat for nearly a decade, both in technical papers and in fiction (Web Games, 2010). Will anyone listen now? Unlikely, as the current administration is too busy dismantling the infrastructure of democracy and denying its own links to Russian interference.
3
A commenter writes, "There is something very wrong with this picture. Multiple serious and threatening cyber attacks and not one word mentioned about efforts to block further Russian interference It feels like Rome is burning while the NSA fiddles."
The problem is that the commenter works on the extremely dubious assumption that, in fact, something can be done electronically to prevent these attacks. To the contrary, every bit of evidence indicates that the only real solution is to isolate our critical systems from the internet.
We went to war in Iraq over phony claims of weapons of mass destruction. What happens when an enemy is able to take over targeting or launch control of our own very real WMDs?
Even as the unavoidable vulnerability of the internet becomes more and more apparent, we wallow in greater and greater connectivity, endangering not merely our bank accounts, privacy, and personal security but, more importantly, the security of our infrastructure, productive capacity, and government communications, as well as the military's command and control.
It is one thing for individuals to choose to live in self-delusion, pretending they are not trading their privacy and security for the "joys" of Facebook, Google, and their iPhones. It is an entirely different matter when a society engages in such self-delusion. On this, we need leaders to be leaders, because, the way things stand now, it would give ostriches an undeserved bad name to compare Americans to them.
65
Isolate from the internet? All that happens then is someone brings it in on a thumb drive.
1
I suggest the U.S. converts its unused copper lines into a parallel network that isn't connected to the world wide web.
Then don't permit the use of USB technology anywhere on the system.
2
Just a thought: perhaps our most critical infrastructure shouldn't be connected to the internet.
104
agree...and we might each secure our own core personal financial & security infrastructure off the internet. Plus in the next elections, ask each candidate exactly how they will better protect our citizens within their first 100 days.
1
Trump recently spoke of creating a "space force", basically a military force for outer space. What seems much more urgent is a "cyberspace force" to defend against these attacks, which are no less dangerous than missiles aimed at key elements of our infrastucture. Offensive capabilities must also be enhanced, so that enemies like Russia know they will suffer dire consequences for their actions.
31
I think what Trump was talking about is the military protection of our communication satellites and other things that are ironically located in space, controlling many, if not all aspects of our modern life here on earth. That they are only now starting to do this is puzzling.
When are we going to retaliate in kind?
1
Don't worry, Trump will deny it and blame it on Hillary and Obama.
5
"Russia Could Have Switched Off U.S. Power"
Too late. Trump has taken care of that.
4
Why should we believe any or all of this? Maybe the Homeland Security folks want to scare us into even more of a war footing than they have achieved with North Korea? What can we really know about the truth with only reports seen on our computers and rampant mistrust being encouraged .
2
If you test the whole ppulation for a disease that 1% have — with a test that is 95% accurate — you will end up with a huge number of “false positives” — those that test positive but do not have the disease — as we as false negatives — making testing the whole population useless.
Since our intelligence agencies must have a pretty good idea of what “secret” “privileged” systems are already generally accessible by foreign agencies, it might be better to: (1) Let them have it, don’t waste time and energy on what you cannot protect and (2) Put all your time and energy into protecting critical systems that must never be degraded. But would this public understand and accept such practice ?
1
The article does not say what we could do to Russia or China analogously.
I think we could do comparable or greater damage to them digitally.
This probably should be thought about akin to MAD (mutually assured destruction) with nuclear weapons. If they do this to us, we do it to them, so no one benefits militarily and both sides suffer.
It is beyond idiocy and incompetence in today's age that our power grid or any other industrial complex is connected to the Internet and is therefore susceptible to hacking and/or espionage. There needs to be a comprehensive policy here to stop this stupidity. We have essentially invited any nation that wants to to destroy our economy by leaving our back door open and with a welcome mat.
1
If Trump is Putin's puppet, as many NY Times commentators and reports seem to suggest, then why would Russia cyberattack the U.S. when they just phone?
Incidentally, where has everyone's picture gone? These comments seem so impersonal without them. Perhaps we've all turned to bots. If so, maybe my neck ache will go away as one. Like dying and going to heaven, or someplace, perhaps.
I'm not worried.
Trump is on the case.
He saw a nuclear plant control expert on Fox and is hiring him.
Guy by the name of Homer Simpson.
5
And little hands wants more nuclear power for warmongering. We need nerds to help us with this war. Usual war materials are so passe in this time. Someone needs to get the word to Mattis and little hands before we have been taken over by Russia, China, and North Korea. Wake up dudes and get into the 21st century!
1
Spoiler alert (for a show from the 60s).
Between sowing discord among Americans with subterfuge and apparently aiming to disrupt our power grid, the Russian government is starting to more and more closely resemble the aliens from Rod Serling's classic Twilight Zone episode, "The Monsters Are Due on Maple Street." For those who don't remember it, in that show people in an idyllic American neighborhood turn on one another, in part, because an unseen force is messing with their electricity. It turns out the unseen force is aliens, meant to symbolize Russians, but played by Americans, who prey on the Americans' pre-existing prejudices and paranoid fears of each other to sow discord.
Flash forward to today and the Russian government's cyberattacks--using subterfuge that preys on our preexisting prejudices and using technology to possibly disrupt the power grid--seem eerily similar. And what if they did get the idea from the Twilight Zone? That'd mean real-life Russians pretended to be Americans to attack Americans as they followed a blueprint written by an American in which Americans pretended to be aliens that symbolized Russians attacking Americans. Throw in that in both the show and in reality part of the game was to make Americans fear "aliens" and life-imitates-art doesn't even begin to cover it. Zany.
2
OTOH-How long have we had the same ability to wreak the same havoc on the Russian infrastructure? It's just a case of pot and kettle,and between Russia and the US, it just a continuation of the MAD Doctrine,that pretty much kept the peace during the darkest nights of the Cold War. The old concept of "balance of power" in a multi-polar international setting,is only frightening to those who insist that only THEIR country can claim primacy in weapons,diplomatic coercion,etc.
Financial penalties against the Kleptocrats in Russia and China is the only way to restrain this behavior. These aren't governments, so much as criminal enterprises masquerading legitimate countries.
2
"...given that the United States was sure to respond in kind."
Oh really? Would we respond in kind?
Trump would say, "We don't know who did this," and walk away.
MAKe sno sense. Why would Putin want to cut of power to a Russian colony?
This is a newer kind of warfare and a military parade is a fool's response.
2
The fact that Trump has taken no action should be grounds for removal from office.
Is Trump waiting for Mueller to identify and indict the guilty Russians before taking action?
2
Sanctions...smanchkins...Are we to believe that America is totally incapable of shutting down Moscow's power grid and/or publishing Putin's financials? I had a class of high school 10th graders that could probably help you with that.
1
Ted Koppel's book "Lights Out: A Cyber Attack, A National Unprepared, Surviving the Aftermath" should be read by all Americans.
1
Putin wants to Make Russia Great Again and enrolled Trump as one of his stooges in the West. Putin, like any self-dealing autocrat, needs an enemy to misdirect his people from the theft of their democracy (and resources) at home. Restarting the Cold War and fighting with cyber weapons and the odd poisoning is not such a bed strategy.
Oligarchs in each country have to decide how best to exert control. Buying a political party (the R's) and a court system (Gorsuch) works well where the rule of law at least gets lip service. The Trump circus is just a diversionary side show.
In the former Soviet Union, ex-KGB officers murder, steal, and use kompromat to make their way to the top. Things will go very badly if the populace rises up against them, so they need more extreme measures to retain power. They operate more like a crime family, and misdirect with nationalism, fake religiosity, and total media control. The US, NATO, and terrorism are the enemy and are overtly poked to keep things stirred up.
I'd like to say such Russian measures would work less well in our country, but Trump is the closest thing we have to a Russian mobster. Stay tuned as he continues pushing the boundaries of our constitutional government.
1
If Trump asked for and received Russia's help to win the election and if he also does not respond to threats like these - well is there anything that he does that is impeachable?
Create a blame story for what is a failure of US industry etc. The real infiltration is of US media to create fake news.
1
Da, comrade.
2
Ted Koppel has a published book about the grid being shut down by Russia. As the long host of Nightline, he has been sounding the alarm for years. When will the public wake up and take this as a serious threat? certainly not under trump.
1
Who knows what the Russians would do to me if ever I was to get a smart refrigeration linked to Amazon Fresh grocery delivery. They could literally starve me to death from Russia. Of course if my world comes to that, maybe it's a good thing.
"...Russian hackers had not leapt from the company’s business networks into the nuclear plant controls...."
What irresponsible reportage! You know why they haven't? Well, according to people who actually know something about U.S. nuclear plants, its because the plants are impervious to such an attack.
"But what about nuclear? Are we at risk of cyber-induced meltdowns or releases of radiation?
No.
Fortunately, while the Russians may be able to disrupt electricity transmission in general, and electricity generation from many power plants like natural gas and wind farms, they can’t hack into nuclear power plant operations. Nuclear plants are still mostly analog and not connected to the Internet."
***
Russian hackers can’t affect nuclear power plant operations or safety systems. But they could, and probably did, hack some business, personnel and other non-essential files, which may be embarrassing and a little costly, but not dangerous. These nuclear reactors are truly operational islands wholly disconnected from the Internet..." https://www.forbes.com/sites/jamesconca/2018/03/16/russia-hacks-into-u-s...
1
You mean to tell me that they got into our nuclear plants and water and electric systems and power plants and that they didn't manipulate our computerized elections? Other than that fact that Trump owes Putin/Russians a lot of money, no wonder he won't say anything bad about him. It's up to Putin whether he gets re-elected in 2020.
2
Just a little confused here - is this Trump giving us a warning, or a progress report to Putin?
Remember "back" to January 2017? The Trump administration was "pooh-poohing" all such reports of Russian capability and attack.
In fact the Trump Administration and their various echo-choir Reddit type Donald boy fan sites were all a-Twitter in their "OUTRAGE" at "Leftist" magazines like "The Atlantic that were reporting on this exact story: https://www.theatlantic.com/technology/archive/2017/01/the-vermont-hack-...
Now that the Trump Organization and Administration admits they have been sitting on Mueller subpoenas ("for a few weeks") regarding Russian interference and Trump org. collusion with Russia- they grow nostalgic for Russia's attempts merely to sabotage our power grid.
Let's get a move on and impeach Trump, before more damage is inflicted by this baboon. Thanks.
1
I believe we can now re-write Trump's catchphrase: "Putin could stand in the middle of Fifth Avenue and shoot someone and he still wouldn't lose my vote!"
Looks like the ghost of Stuxnet coming back to haunt us. Just like with nuclear weapons, we commit the first crimes, then scream when others want to join in. Here's an idea: stop acting like the U.S. gets to do whatever it wants, everywhere, because it's the good guy.
Is Trump going to build another wall to keep Russia out?
Trump has done very little to protect us from Russia; he finally put the sanctions on. We need to DEMAND that America is protected from Russian hacking;whether it is on our power plants;social media or elections. NOTHING has been done to stop election interference;mid terms are rapidly approaching.Putin is testing to see how much he can get away with;which is a lot. Russia murdered people in the UK; using a nerve agent that would be traced back to Russia.This is a test to see what he can get away with there.Putin will be assassinating people here if we do not act. Trump/GOP needs to stop kissing Russia's butt and protect America. Ray Sipe registered Florida voter AARP member
If nuclear power plants, electrical grids, and water systems are already infiltrated, can electronic voting systems be far behind? Or are they behind at all?
Candidates in upcoming elections, both at state or federal levels, need to address this issue. Meanwhile, we're stuck with a president who allows himself to be cowed by Russia and, just by himself, represents a threat to our national security.
2
In chess, a good offense generally beats a good defense. Why all the hand-wringing about Russian attacks on our infrastructure? Why aren’t the geniuses at the NSA working on creating corresponding threats to the Russian infrastructure? In fact, it would surprise me if they weren’t.
We’ve been here before, during the Cold War. It was called mutually-assured-destruction, and it kept the peace. I’ll bet the Russians would dial back their attacks, once a few of their nuclear reactors mysteriously went down, with suggestive, but unproveable, links to U. S. government hackers. It would be a lot more effective response to Russia than issuing warnings or expelling a few diplomats.
I doubt that the Russian infrastructure is so robust that it is immune to U. S. attack. Remember Chernobyl? And if it really is invulnerable, let’s copy what they have.
We have been digitized to fare thee well. The Nor'easters that have plagued the northeast these last few weeks point out a weak link in our vital emergency communications. Imagine no power, and no charging of cellphones. Then, the 8 hour battery on your landline goes out. Do you have a sense of isolation?
I don't know whose brilliant idea it was, but in the "old" days, if you had a power outage, the phone supplied it's own power. It was like an ever-ready fire fire extinguisher. Now, in just a few hours, no phone, and no help. Forget the Russians. It's the Americans.We are very vulnerable from all sides. Did trump say "infrastucture?" I must be hearing things.
2
As a retired IT pro it has fascinated me to watch this issue grow over the years. The root of the problem from my experience is the consequence of cost cutting by dispersing staff, particularly support staff and relying on public networks to provide access to remote facilities. And cheaper always trumps (sorry) safety. The hand-wringing has been going on for years and yet nothing seems to be done to address the basic problem. A death wish to be sure.
I would also agree with others that creating ever larger collections of generation resources (one grid to rule them all...) is not helpful, because as the last major blackout showed, a failure can cascade across the interconnected systems and affect a far larger area. And as the blackout report discussed, the dynamic properties of these large scale systems are still a research project -- despite what the sales folk and politicians might tell you. So if an enemy within or without wanted to cause a problem it would be easy... and collectively we have helped make it possible by emphasizing short term profits over all.
1
How bad would a few days without power be? Really? If, for instance, it means I don't have to hear the president or any of his minions, that sounds fantastic. If it puts Fox News and Rush Limbaugh and the like off the airwaves, then we probably ought to be having a "no power" day at least twice weekly. Perhaps we could read some books?
More seriously, this is a clear call to get three things done rapidly: (1) push through localized renewable energy programmes, especially solar; (2) ramp up the ability to disrupt Russian and other potential enemy systems rather than wasting resources on pointless money sinks like nuclear weapons and F35 fighters; (3) remove the Russian agents occupying the White House and elect people - in both parties - who will put nation before party and self.
3
Ralph, I agree we need to "elect people - in both parties - who will put nation before party and self", but I don't see why Republican politicians and donors who've been disenfranchising Democratic voters for decades would turn down a helping hand from Putin in November...and beyond.
Our only hope is that we are just as embedded in the infrastructure systems of hostile countries as they are. Then we some version of mutual assured chaos that has some promise of maintaining sanity. If instead our cyberwarriors and hackers have been twiddling their thumbs, then indeed, all is lost. The best nuclear weapons and the shiniest missiles will not protect us.
I once worked for a major university that kept all their donor records on a mainframe that was only accessed by monitors hard-wired to that computer. The security worked. Later, when everything was "upgraded" to software that used the Internet, records were compromised and at one point a vice president had to personally call major donors and apologize that their Social Security numbers were now floating around the dark web. The solution is to take these vitally important facilities off the internet for good.
Wasn't there a time before the internet when our energy grid and infrastructure systems worked perfectly well? Do these systems require the online access that has created our current vulnerabilities? Why not return to the previous system where only individuals on-site control operations?
5
Ah, a story about Russian perfidy. I look forward to seeing all of the attempts to misdirect posted by our Russian trolls.
4
A job-creation infrastructure strategy (and a national industrial policy apart from tanks and ships and troops and highways) would be to harden the grid from attack and create redundancies in the electrical grid.
3
Okay, influencing elections is very bad, but hardly at this level. Hacking into and holding the power grid hostage is much more. It is an act of war. We should treat it as such.
I'm not talking about shooting missiles, but I am talking about North Korea-level sanctions; I'm talking about seizing Russian assets in the U.S., and a declaration before the UN that Russia has become a terrorist state. They have gone way, way too far. It needs to be met with a very forceful response. Not just the sanction of a few billionaires.
8
Why don't we disconnect all of these critical utility systems from the internet?
In the same vein, why does anybody put incriminating information in an email or any other system connected to the internet.
The hackers cannot hack stuff that is independent of the internet. Just pull the plug.
5
There have been a number of articles explaining these vulnerabilities over the past decade so no control systems professionals should express surprise at this. If your system includes a path to the outside someone will find it and follow it in.
Connecting control systems for critical infrastructure or for facilities that use hazardous processes to the internet is foolish to the point of negligence.
As a corollary to this imagine living in a world of self-driving cars and having the software update for Brand X's cars include a hack causing them all to make a sharp left turn once they hit 60 mph on June 1st of whatever year it happens to be.
2
At this point, slaps on the wrists and a stern "don't do it again," are nothing to a country that can bring down a nation's utilities and potentially cause a nuclear breakdown. The U.S, along with other major western countries such and the U.K and Canada need to work together to develop a plan into countering Russia's advances. We also need to develop better relations with Russia. Our president seems to be buddy-buddy with Vladimir Putin, but the State department needs to make a greater effort towards developing friendlier relations with Russia in order to prevent an attack towards American Infrastructure.
3
If you befriend a sociopath, don't be surprised when he uses your friendship to harm you.
The solution should be top "air gap" the control rooms for power plants, dams, chemical complexes, and other important infrastructure from the Internet.
Internet connectivity should be limited to a few computers in the offices of managers. This solution could be implemented very quickly and at very little cost.
Use of flash drives and wireless networking should be permitted only in extraordinary circumstances and under very tight supervision.
1
“Critical Infrastructure Protection,” especially protecting power production & transmission infrastructure against cyber penetration, has been a principal objective of the Department of Homeland Security since 9/11. However, the vulnerability of the power system has grown, not diminished in the intervening years. Having worked at DHS some years ago, I learned that this is not because of neglect by DHS or the absence of study or strategy. Rather, a substantial reason for the vulnerability is the transition from proprietary, air-gapped programs and systems to digital connectivity via the internet. The hacker threats and the vulnerabilities of the systems to such threats have grown in parallel and reinforced one another. Now, the responsibility for cyber-security rests exclusively in the hands of the private owners. The costs and convenience of the private managers and shareholders currently take priority over cyber-security goals. National security and public policy have taken a back seat. If our weapon systems were as vulnerable as our power plants and grid are, there would be a call to immediate action. We need not only a national cyber-security strategy but the means by our government to implement it.
4
It should be clear as can be that nothing on the internet or online can be protected from cyberattacks, from hackers, and therefore, all essential services, all government operations, perhaps everything should be taken offline. It was a bad idea to begin with. Time to step back. Transfer information physically.
2
Since the invasion of Iraq, it’s been increasing difficult to distinguish fact from fiction from writers. Gone is true investigative reporting, which has been replaced with leaks from “connected” individuals whose information is a sprinkle of truth and fiction. From this context, it is difficult to discern how much of this is truly real. However, we do know that we have used disruptive methods in other countries, and was first to do so. Thanks to this author, the cyber attack on Iran’s nuclear facilities was conducted. To be surprised that other countries would adopt these measures are foolhardy at best.
First, the "Trump Administration," has not issued any warnings. This came from Homeland Security, which likely made it public before the White House tried to squelch or obfuscate the story.
Second, the "Trump Administration" has shown no signs of dealing with the various Russian threats, and there is no sign that will change.
15
While it may be possible to shut the power off, this article is irresponsible in its suggestion that outside hackers could "control" reactors or "cause explosions" at nuclear plants. All critical control and safety system electronics and software are completely isolated from the internet and the outside world (simply not connected).
5
Why does Donald Trump not impose severe sanctions on Russia for this? They could've shut down major elements of our power grid, for crying out loud. It's obvious Russia has some sort of compromising information on Donald Trump. What other reason could there be for not enacting a robust American response to this act of war?
12
Re: "...The Trump administration accused Russia on Thursday of engineering a series of cyberattacks that targeted American and European nuclear power plants and water and electric systems, and could have sabotaged or shut power plants off at will..."
Yet...
Whenever Mr. Trump is called upon to verbally, (let, alone, 'physically'*), defend the U.S. from this sort of serial_attack by a foreign power...he, (Trump) resembles an evangelical, ('correctly'...), explaining contraception to their offspring!
Given the Republican (Michigan) governor's, (Rick Snyder's) utter lack of responsibility in creating-/-extending-/-maintaining the, (Flint, MI), leaded water poisoning crises...I've got to ask:
Does 'Comrade_Trumpski'-/-Do Republicans feel any obligation to do, anything when these adversities/ attacks occur to Americans?
*{Note: I said 'physically'...NOT 'kinetically'!!}
1
You know, of course, that it is the responsibility of the Environmental Protection Agency to protect the quality of the drinking water of the United States. It is not the responsibility of any state governor. It is the responsibility of the EPA. It has been since 1974. Congress mandated such.
This is a problem that has been brewing for a long time. About 7 years ago, a retired officer who was with US Army Cyber Command gave an interview warning about the rising threat of cyber attacks to US infrastructure, including shutting down our power grids. He pointed out that while open democracies are naturally more susceptible, the US also needed to make greater investments toward defensive cyber warfare. We couldn't count on retaliation and deterrence alone, because correctly attributing the source of cyber attacks was challenging in of itself.
It seems like previous administrations haven't invested enough in this area. The defense spending went to protracted wars like Iraq and Afghanistan, then prestige projects like Ford-class aircraft carriers or the over-costed F-35. The current administration, if anything, is even worse. Trump seems incapable of grasping actual defense needs, and is obsessed with expensive whiz-bang and military parades. A man who declared to the press we needed to "bring back steam catapults" on aircraft carriers is not a commander-in-chief who is going to understand cyber warfare.
79
Our Commander-in-Chief who by the way can not do as many pushups as our last First Lady thinks cyber warfare is a zippy tweet late at night.
4
Why is this on the "Politics page" and not the front page? Placement editorially speaking is curious.
10
"A version of this article appears in print on March 16, 2018, on Page A1 of the New York edition....." How's that?
4
for all his bravado about being a man of action and a superior war fighter Trump certainty looks timid and weak when he avoids confronting the russians. He is more quisling than chamberlain, but either way he'll fold like a cheap suit if Putin ever gets really tough
7
My first thought/opinion is shared by many here and that is to protect ourselves from all forms of cyber attacks emanating from both foreign soil and our own homeland. My second thought is why are we not doing the same to our adversaries around the world and here at home?
5
Time to wake up to the fact that Putin's Russia is every bit as much America's enemy as Soviet Russia was.
8
When we finally get rid of this Russian mole now in the Oval Office, we should warn Little Putin that any attack on our grid by Russian hackers will be considered an act of war against the USA, with full retaliatory consequences. SAC should immediately be put on alert, as well as every submarine with ballistic missiles, after programed to target Moscow and all military centers in the new USSAR, including Little Putin's castle in the Black Sea. Dr. Strangelove is alive and well. His name is Vladimir (Little) Putin (Le Petit Putin).
4
"Russian cyberattacks surged last year, starting three months after Mr. Trump took office."
"The United States is struggling to come up with proportionate responses to the wide variety of cyberespionage, vandalism and outright attacks."
The first thing the U.S. needs to do is get the Manchurian candidate out of the White House. All the GOP enablers are treasonous for allowing this dangerous fiasco to get to this point. Do they really want our country taken over by Russia? That's exactly what's happening but still they continue with their lies and covers out of selfish greed.
4
Make no mistake, this is a military attack on the US. I suspect they chose the Kansas plant not because they are interested in turning the lights off in Kanasas, but rather because its location in the center of the US. The fallout plume in the event of a meltdown would cover all the major cities in the northeast. On another subject, I am selling Russian flags and framed portraits of Putin at a discount rate for Republican leadership and heads of US government agencies. Make sure you get a pair for both the office and your home.
5
Or how about Senate hearings where the streaming feed got knocked out the minute the name Russia was uttered?
2
A decentralized power system, with solar on people's homes, would really minimize the disruption caused by a cyber attack. But, really, what can we do?
“I would do away with these incentives that we give to wind and solar,” Scott Pruitt, the chief of the Environmental Protection Agency, said in October. “I’d let them stand on their own and compete against coal and natural gas.”
The thing about coal and natural gas is that if the conditions are correct they explode. And it doesn't look like we have control over those conditions. Maybe that's a competitive disadvantage for coal/gas.
There are real structural changes that we can make to reduce the risks from a cyber attack beyond just installing anti-phishing software. But, why implement paper ballots or decentralize the energy system when you can produce a report, speak at a committee hearing, and continue to collect campaign donations from sectors that don't really want to change?
Trump is right about one thing: they're laughing at us. We deserve it.
1
Missing from this article is the statement…"US officials have taken steps to prevent future Russian hacks into the energy grid…"
That is troubling.
4
Maybe the officials have not told the Press what they are doing. Absence of comment does not mean there is nothing being done.
I would've thought our grids were better protected.
Most troubling is that Trump and his administration fail to correctly assess the danger to the country. He receives his daily intelligence briefing mostly from cable news, doesn't read anything of substance, and reportedly has an elementary school understanding of the intricacies of the threats arrayed against us.
Trump has so far not enforced the bipartisan sanctions Congress passed last year and yesterday gave Russia a pat on the wrist for major cyber intrusions into our power grids and nuclear plants.
He's now pondering major reshuffling in the cabinet related to national security at a point when most administrations have had highly knowledgeable experts in place for a year. This makes us very vulnerable. Let's not forget, he's reportedly moving on to his THIRD National Security Advisor in 14 months. If it is Bolton, this guy is reviled even among Republicans and has no experience, knowledge or administrative capability to be the national security advisor.
Many Americans were conned into thinking this real estate developer had the slightest, tiniest sliver of experience/intelligence required to be president. Thanks Fox "News" for the chaos and for your role in compromising American safety. Maybe Trump has Hannity in mind for the next Secretary of Defense.
4
While I do not dispute any of the my fellow commentors' assertions that we need to take appropriate counter-measures to secure our energy grid. there is a problem: we are not one. There are dozens of large energy companies in the U.S. with hundreds of power-generating facilities and all are privately owned. Given the centralized nature of our power grids, we would need national standards forced upon utulities that so far have shown little interest in this problem. In their current disorganized state, I cannot see Congress or the White House taking the steps necessary to so so.
2
Now we know our adversary and their sizable electronic capabilities. What are we going to do to abrogate this serious Russian intrusion? If we are so easily susceptible to this hacking, what steps can and will be taken to mitigate this threat? We appear to be slow moving on this front. I believe that as a national threat, this type of activity is at the top of our list of issues to be resolved immediately. Does Trump understand this?
3
Republicanism has given us Trump. Republicans, in their zeal to gain and maintain power at all costs have joined Trump and refused to take the Russian attack on our election seriously. When Obama asked for a bi-partisan press conference alerting the public to the Russian hacking of the DNC, Republicans refused. By attacking the FBI investigating the attack they have "unwittingly" joined Putin in dismantling our democracy. What is their response to the news that Russia hacked our power grid? A mild rebuke. Trump is the symptom. Republicanism is the cancer.
9
Republicans have added to their litany of Obama’s sins the perceived minimization of Romney’s assertion that Russia was our greatest threat. They beat that drum, against Obama, on a regular basis while walking away from confronting Russia/Putin over the meddling in our election, and now this. The cognitive dissonance does not seem to bother them in their servile posture protecting trump* from having to acknowledge that his glorious victory was tainted. Fie!
2
As others have mentioned in comments here, why on earth are essential utilities accessible on the world wide web? The direct operations should be on closed systems. Somehow, we managed to run water and electric without the internet for many years. Put a wall around the day to day operation of these fundamental services.
12
it has been done quite a while ago. They can't get into our essential infrastructure. They only got into the office network at a utility, not the power generation facility. they are not connected to the outside world.
3
Putin got to know we're at DEFCON 1 if he causes one of our reactors to go Chernobyl. It would take about a day, maybe only a few hours and the world as we know it would end ---- for us, and them.
2
Everyone knows the next war is in cyberspace.
Why haven't we targeted the Internet Research Agency (Russia's troll farm) With a counterattack? We know the perpetrators, let's have some action!
5
Well, we can't shut their power off. They barely have any!
What a joke that country is.
3
Somehow a re-direction of funding from military hardware to offensive/defensive cyberware would seem to be in order. In computer space, it seems, is where the next war will be fought. The major battlefields of the past are gone, replaced by smaller regional conflicts.
1
The Syrians are still being pounded mercilessly. Putin is learning every day that no one stomachs the thought of a real confrontation, and the Soviets have triumphed simply because they put so much effort into creating hideous weapons. The perpetual KGB agent at the helm seems to want to use all of them, at once. Meanwhile, Trump yells at the TV and his enablers glance at him while counting their money. They must be Rapture-bound.
1
Visited SF in April, 2015, while power was inexplicably out for an entire day. No word from PG&E for hours...and the next day they said it was due to a fire in one of the substations. (why did it take so long to report—or fix? 90,000 people out including financial district?). I wondered if it was some kind of attack—or even a "drill" to see how the City would react in case of a cyper-attack outage. Everyone was chill driving through streets with no traffic signals, it was a beautiful spring day.
Later heard power was also out in LA, and NYC — and this was considered "a coincidence. I still kind of wonder.
Five years ago, independent reviewers of National Science Foundation proposals for so-called "smart grid" technologies questioned the wisdom of turning an independent system over to interconnected and vulnerable computerized control. Their decision to not fund such work was overruled by political forces. The result...the very vulnerabilities we are now falling prey to.
Do we really need a "smart system" to tell us when we can run our electrical appliances? Do we need to be able to turn on the doggy monitor or clothes dryer from the office? Only if we also want to allow bad actors to have the same access.
WAKE UP!!! Binding all of our lives to the "convenience" of running one's life from a smart phone is insane.
5
to all the people worried about cyber security at nuclear power plants. Here is the link to the NRC rules on cyber security which was implemented in 2009, so don't worry about it. https://www.nrc.gov/reading-rm/doc-collections/fact-sheets/cyber-securit...
With almost invisible budget of the intelligence agencies how could foreign spies penetrated to the inner core of our systems and agencies of the USA. Our intelligence agencies need to work herder and be prompt to clear out the outsiders.Accountability should be demanded by the president. People of the country do not want to suffer due to such negligence of not acting promptly.
2
Of course the U.S. has even better capabilities in confronting cyber attacks, but it is truly unfortunate that this is happening at a time when our governance is at its weakest. Perhaps that is not a coincidence.
5
POTUS's words are always missing here. Trump always seems to look out for himself first and the country last...except in words.
2
With a mere 145 million aging and shrinking population how has Russia managed to overcome America's 15x GDP and 9x military economic powerful advantage to do this?
Can or have we done the same thing to Russia?
1
Are we shrugging this off and waiting for the other shoe to drop, knowing that Putin could literally take over the country? What is wrong with this picture? Diagnosis of a malignancy should lead to immediate treatment. Considering the ongoing events in the U.K., we must make every effort to protect ourselves. Why aren't we doing it? Instead we pay billions to build a wall? The wall we need is invisible.
I must be missing something here, and I hope I am. Why isn't this story splashed across the page in huge type? Haven't the Russians just demonstrated a first strike capability? Where are the emergency congressional hearings? Are we at top alert for nuclear threats?
5
Two solutions:
1. disperse energy production utilizing wind and solar.
2. Impreach and remove Trump from office so the Russians have something to fear.
5
I should hope we have taken the necessary steps to prevent the shutdowns and improve security to prevent future penetrations.
I quote from the article:
"The United States sometimes does the same thing."
Sometimes?
Really. And now we're supposed to believe that Russian cyberattacks are capable of doing all this, while having nothing to do with the 2016 presidential election?
Nice try.
5
Hello Republicans. Here is the problem with small government. All our power plants are in private corporations and therefore much more vulnerable to attack than they would be under federal control. Combine that with the fact that this lunatic we supposedly elected has gutted all of our agencies and what government we had. We are in serious trouble here; but it isn't too late to stand up and rectify things. We need start now though.
4
Kushner probably gave them the intel. Spy.
This was all covered in the 1992 documentary, "Sneakers".
This is not simply an annoyance or Russian trolls taking advantage of our open society to disseminate disinformation. It is an act of war.
7
One more reason for individuals ... to go solar.
2
This is the new warfare. You do not have to buy a gun, or plane, or spend a penny (let alone billions) on the old-fashioned expensive military equipment.
The new disruption warfare includes bots, fake social media accounts, election interference, easily sowed divisiveness, and cyber attacks on our infrastructure.
It's brilliance is that our Achilles heel is us - the American people. We are gullible, easily divided, tolerate incompetent leadership (who are owned by corporations), and our infrastructure is antiquated. It's a bullseye you can see from across the globe.
Well done USA, and well played Russia. Yep, those gay guys, Mexicans, and liberal distractions have done the trick. We elected a boob, and are happy to live in the dark. (soon, literally)
5
I'm waiting for an exculpatory statement from Devin Nunez.
8
Do you think Director Pompeo risked telling the President about this during this morning's intelligence briefing?
5
Always thought something like this was in the works, or possible. Would've assumed that the U.S. would be to match this, with more. Not so much anymore with Trump at the helm letting Putin do whatever he wants. It was only a few weeks ago that our security heads revealed that we are in way shape or form prepared, or doing anything to prepare, for Russia's hacks. On the bright side, now we know it's the Russians. So if the lights go out, someone can't tweet that it's the N. Koreans, or Iranians... Or whomever he wants to shoot some missiles at to cover his corruption. And again I would like to thank the GOP leadership in making all this possible.
It's astounding that people don't contemplate that trump would sell the US out to Putin. I can see him selling the nuclear codes on the belief that he'll be Putin's man in the US. Greed and ....republican followers.
4
This is beyond outrageous. Trump, who really does not pay much attention to his daily intelligence briefings, (Now we know why) should as of today be drummed out of the Oval Office, out of the White House.
4
With all these cyber attacks USA is playing ropa dope
taking the punches. It needs to hit back.It must be said
USA also uses the cyber attacks,a better known case is
the attack on Iran's nuclear fuel enriching plants and perhaps others not to mention the surveillance of foreign leaders like Merkel and Rousseff. We need to send strong message
to Russia with a nasty attack on. Alternatively there is a
need for international agreement on cyber-attacks
like arms control in military sphere. In the absence the
of such agreement cyber attacks are likely to increase in future and this is perhaps the new form of warfare.
1
WE THE PEOPLE must DEMAND that the multi-billionaires who figured out how to use social media to enrich themselves - with NO taxes, NO regulations, NO social requirements, NO conscience - form a committee to figure out how to safeguard OUR critical government/personal information. They're so smart - they can use their brains for some human/civilization good. WE must round them up and keep them locked up until it's done. It's as simple as stopping "push" technology, forming separate "country government" sites and putting REAL regulation into effect. They are already rich enough - on OUR backs and through mind manipulation - and WE must demand that it ends. NOW.
When social media/internet providers talk about "security safeguards" they are guarding their own business - it has nothing to do with the consumer. When Jeff Bezos raises the cost of "prime" he sucks in money every month from, apparently, half the households in OUR United States. He gives NOTHING back. When search engines say they will protect our privacy they mean they will protect it so only they have and can sell OUR private information to the highest bidder.
Any smart person will immediately make hard copies of important documents and information they have on the internet - in any form. It can all be gone in an instant.
Better yet, WE must demand that they get OUR government's critical systems OFF the internet and we must get OUR personal information off before the Robber Barons destroy it all.
3
Water systems, power plants and oil refineries should not have any part of their control networks accessible to the public internet, period. Sloppiness, laziness and false economy are the fundamental problems here. Heavy fines when mission critical systems not meeting rigorous security standards is the best solution, perhaps the only one.
4
You have an irrational belief there is a difference between public and private internet..... there is only the internet....
Systems from the oil to energy & water systems are run & monitored by networks over the internet.
Corporate networks must be secure.... of course... but there is no fail safe security.
America hacks and gets I to the same systems as ours adversaries... like any potential weaponizing of infrastructure... our adversaries can do the same damage, keeping both sides from aggression... Brinkmanship on display.... and mutually assured destruction with nuclear weapons applies to the base systems that provide energy, water, & all.
Having spent decades as a technical consultant for one of the world’s largest communications companies, I thoroughly understand the internet and the communications infrastructure of public utilities. Many still do sloppy things, like allow remote access of their systems by employees working at home on internet connected PCs. Utilities need to eventually revert back to purely private networks. They can still use modern and efficient IP based technologies, but they will need to be on physically separate infrastructure. This is the only long term solution. In the interim, companies who are sloppy in allowing access to critical systems must be policed with new, stringent rules and heavily fined for violations.
1
No elevators for high rises, no monitoring of vital information in hospitals, no movement of some rapid transit, no air traffic control, no traffic signal lights, etc.
This is war, and we had better treat it as such.
Don't dump those landlines yet! Don't rely on just keyless entry to home, etc.
2
IF they switch it all off will it be like rebooting my computer? Wait 10 seconds, turn it back on and all this nightmare administration will clear itself? Is there a presidential product key code we need for reboot?
2
Proof that monopolies are bad, in many more ways than one.
What has been done about this? What will be done? This is an emergency situation. Time to address Russian interference and threats of all kinds along with Trump's possible connections to it. This also highlights the importance of Mueller's investigation. Time to act based on the facts!
3
Why is this most serious of news not being communicated throughout the land with immediate alarm and a call to action by our leaders? Instead, we are subjected to reading about Trump's absurd military parade plans, Stormy Daniels, telling lies to Trudeau, his mood swings, revolving doors in the White House, etc. What is wrong with our priorities? Yes, we have brilliant tech people who are wasting valuable time and energy on social medial type frivolities. Why are we allowing ourselves to be so dangerously vulnerable? Set up a plan now to prevent/stop further infiltration. This is simply unreal.
6
Yesterday it was about vulnerabilities in the petrochemical industry. How dark outside forces were contriving to cause massive chemical explosions. Earlier it was the banking and international monetary systems. Then there was the social cyber vandalism to our elective political system. Today it’s the national (?) power grid that is subject to dusruption or sabotage prior to attack from desperate outside rogue forces - or even errant design. While there is no doubt that such vulnerabilities exist and must be addressed the shrillness seems extreme and somewhat fatiguing. Modern life in a democracy is an experiment in risk and challenges. Hang in there America.
I find the inaction and apathy of my fellow Americans to be far more fatiguing.
Anything connected to the internet is hackable. Another danger is with self-driving cars and all of the technology people are allowing into their homes. This story should be a wake up call to all corporations and citizens alike.
When the world's Oligarch's money and assess start to disappear into the Cloud and they see personally what they have unleashed, we the 99% will all have a hearty laugh!
Of course, we'll probably never know about it as the web and all telecommunications crash and our power, water and transportation systems go up in smoke.
But wow, we can go back to the "good old days" in an instant...
"But wow, we can go back to the "good old days" in an instant..."
Good luck with that. Many people today are helpless without their cell phones, laptops and GPS. Because of our dependence on computers and the internet, most businesses would be paralyzed as they have no fallback plan for extended periods without electric or internet. We have painted ourselves into a corner with our total reliance on tech.
So, if Russia is able to shut down power grids...is there anyone left (except of course for Trump and his followers) who doesn't believe that Russia not only "interfered" in the 2016 presidential election, but rigged the voting machines in Michigan and Wisconsin to guarantee a Trump victory?
4
A lot of people commenting on this article seem to think that this is the fault of Obama and Hillary and that Obama could have done more to stop what we see now. Although we knew this was happening and the DNC had been hacked by Russians, even at that, Fox and Friends and Trump insisted that it was an inside job. For Obama to have done something significant would have meant postponing the elections to determine the susceptibility of hacking into voting machines and calling out fake news, much of which was repeated on Fox News as fact. How do you think that would have gone over on the eve of a contentious election?
1
Sorry. I'm not buying it. Lies and deceit are all we're fed, from Trump and all other admins since Truman. Scare tactics-perpetual wars and bogeymen. If it is a bona fide threat, then the government is being paid handsomely to deal with it. Great power, great responsibility. If it's showing up in the Times, it's already been a problem for some time, and the government has had full knowledge and been indifferent at best.
It's too bad you didn't read the article. It talks about how long they've known. You're right that it's been a while, but the rest of what you write...well, you should read the article.
I don't need to. Its such an old, predictable story by now.
Are we to believe that the American "intelligence" apparatus is sitting helplessly by as the wolf prowls the henhouse?
Is it naive to think that we are visiting the same, or worse, on our adversaries yet never hear about it because of their totalitarian control of information and their refusal to admit weakness?
Surely Iranian centrifuges weren't a one-off for us.
Would like to know the whole story. Never will.
1
Oh, so NOW Trump acknowledges Russia breaching our borders with malicious intent? How convenient for him to feign concern about Russia now that Mr. Mueller is subpoenaing his way into Trumps business entanglements with Russia.
2
There is ample evidence from Trump's Department of Homeland Security and from several cybersecurity firms reported in the article. Did you not read the article before writing your comment?
"Still, new computer screenshots released by the Department of Homeland Security on Thursday made clear that Russian state hackers had the foothold they would have needed to manipulate or shut down power plants
“We now have evidence they’re sitting on the machines, connected to industrial control infrastructure, that allow them to effectively turn the power off or effect sabotage,” said Eric Chien, a security technology director at Symantec, a digital security firm."
US politics are impelled by money, without money driving it, legislation generally goes nowhere.
There is no money behind most things that are for the common good, like protecting the infrastructure, and so they do not get done.
1
Our infrastructure has been vulnerable for decades but not so much from our enemies as our own complacency. The same unwillingness to repair and replace existing infrastructure has made it vulnerable to outside interference like this. If you deal with the first two the security can be tied into the upgrades. Instead we use a low bid, on the cheap and kick the can down the road mentalities and we get predictable results. These things take real money and work and are not amiable to soundbites, tweets & press conferences. Ask anybody who has ever worked at a public utility et;al and you will understand the difference between grandstanding and the resistance from politicians, business interests and the public to paying for improvements. Out of sight, out of mind is the working reality for the people who struggle to maintain & protect these systems. Do you wonder why their so vulnerable ? $$$
1
Where I live, the biggest threat to power is falling trees. All winter long, you pick up the paper and read about another old cedar falling onto a city bus or into someones living room. Power goes out around the area and people get killed. And of course, while that is happening, at least a couple of homes are sliding down hillsides because some river swelled and took them down stream. On top of that, we keep waiting for the big one here in Seattle which is quite overdue. I keep an earthquake kit in the closet but I do not have a terrorist kit or a Putin kit. I do not think about them much during the winter when I have real concerns...like being hit by a tree while riding a city bus:)
http://komonews.com/news/local/fallen-trees-shut-down-part-of-i-5-in-sea...
https://www.seattletimes.com/seattle-news/tree-topples-in-seattles-pione...
http://www.king5.com/article/news/local/families-evacuate-as-shed-topple...
Given the known vulnerability, it seems irresponsible to connect critical infrastructure to the internet. Is there any reason why power grids, etc. can't be operated through closed systems?
1
No where does this article mention the creation of newly created firewalls to protect the systems from cyberattacks.
What's going on with that?
This article describes the the hack as providing the ability to subvert existing power grids, indicating that it has not been defused.
If we know that the system is vulnerable, should not replacement with a more secure system be the first priority. Certainly, it could be done, even if it meant inconvenience and the use of bio-identification and redundancy replacing the previous more "efficient" system.
We're told Russia hacked our critical infrastructure to the point where they can shut down power grids and cause nuclear malfunction, but they were unable to penetrate our election software in a way that could change voting results. Do we have more safeguards securing our voting systems than protecting our nuclear facilities? Doubtful. Remember how the 2016 election results were completely incongruent with virtually ALL pre-election polling? What are the chances that Russia manipulated the vote totals but that our government won't tell us that because of the anarchy and complete loss of faith in our democracy that would ensue?
This is nice to know after the fact, but what were our intelligence agencies doing three years ago to protect our infrastructure? Do our intelligence agencies only spy on our allies and domestic targets?
Cars. As much as I would like a newer smart car, has anyone looked at the security issues? Just theoretically, could someone could reach in and turn off all cars in the US? They (Russia) were very methodical in planning how to go after power plants; what if you could just stop 80% of the transportation in America? (Hang on to that old Volvo or Saab!)
1
In the article Eric Cornelius wonders as to the perceived benefit to Putin. If Putin can interrupt the energy sector in any way, real or perceived, it will increase the price of oil.
The sanctions have taken their toll and Putin needs money particularly with his new spending on the military.
New meaningful sanctions on Putin would be especially troublesome but Trump resists which only further empowers Putin.
This is Putin's moment and he will maximize the opportunity.
The Trump administration said all this? Why does this smack of Bush's non-existent WMD?
The question is: did they fixed the vulnerabilities or not? Did I miss it? Thanks!
3
We’re under attack. This isn’t Obama’s fault . This is happening on Trump’s watch. What have Mitch McConnell and Paul Ryan to say about this? Right; nothing; bags; zippo; zilch. What about the One Percent who stand to lose it all? It’s called a pre-emptive strike, Mr. President! You’re not making America great again; you’re weakening us beyond repair? Oh; speaking of “repair,” how’s that infrastructure initiative going? We don’t need s Wall at the Mexican border; we need to strengthen our country from within. What do you owe Vladimir Putin? Besides your soul, I mean?
5
In both the quoted statements and editorial content of this story, there is a strange mix of past and present tense when referring to the threat. Are the control systems of our nation's utilities still currently compromised?
7
Vladimir Putin has stated many times, "You must get in the first punch." I'm sure the intel community is aware. Is Trump aware? Or is he too busy firing people?
1
Under Trump and the GOP America has proven to be less safe. Looks like the "American carnage" Trump was blathering on about was actually his administrative strategy.
2
November 8, 2016 the Russians did indeed switch off the U.S.A.’s power.
2
Hey, let's add another Federal bureaucracy to guard our 'energy grid' against Russian hackers - not! I am amazed at the failure of out vaunted government systems 'experts' to prevent those pesky cyber security breaches. I'm talking about the crowd which appears to be using 1980s vintage systems (at best) to deal with 2018 hacker technology. Oh, I'm sorry, I forgot that criticism of the sprawling Federal bureaucracy so beloved by the Left is for bidden to us uninformed citizens. Hey, the answer is clear - let's blame that neanderthal, Donald Trump. Wow, what a simple solution!
2
Ahh ... the "free market will solve everything approach." Tell me, what incentive does any given power company have for spending potentially tens (or hundreds) of millions of dollars to upgrade security? I bet that if a cyberattack did shut down one or more utilities, the government would shield them from paying the true costs incurred by consumers (how much has Experian really suffered for its incompetence?). Further, given the interconnected nature of our nation's power grid, what happens if most utilities are willing to upgrade but there are a few holdouts?
No one is expecting the government to drop some magical shield over the country, but the government is the only institution that can provide the leadership and intel to ensure that everyone works together in an integrated and effective approach.
Would you support paying actual taxpayer money to improve systems? Thought not.
Why would Putin worry when the commander-in-chief is beholden to him for putting him in office?
1
What's the old saying$ "Two can play that game!" With our superior tech skills, why don't we put our electronic fingers on not only Russia's electrical grid, but also on it's military, and financial electronic footprint. Especially since Russia continues to deny it's open cyber warfare threatening our security.
Perhaps Russia needs to be reminded that the United States has a sufficient nuclear arsenal to decimate Russia should they turn off the power. Since a power outage would be the equivalent of a nuclear attack, this ought be an option that Putin et al can expect. Too bad we didn't drop a tactical weapon on Damascus at the beginning of their war! If genocide is the name of the game, all options need be possible.
1
"Perhaps Russia needs to be reminded that the United States has a sufficient nuclear arsenal to decimate Russia should they turn off the power. "
And Russia has a sufficient arsenal to decimate us. Are you really advocating for nuclear war?
With Vladimir Putin calling the shots in Russia and the White House its no surprise that they will try and control the rest of America.
2
I think it could be more than that. In Canada, Air Canada's computer system went down and stranded 1000s of people at airports all over Canada. Something as small as the reservation and ticking system, air traffic control, police communications, fake emergency alerts on TV and radio. If all these things happened simultaneously, we would be dead in the water for days.
1
World War III started years ago.
We expected it to be done by a rogue state with nuclear weapons.
Instead it being done by nerds with keyboards.
1
Too many comments to read. So forgive me if this was asked before.
Do we have the capacity to "hurt" Russia's infrastructure as well? Is this another form of "Cold War"? If they knew we could attack their energy and water resources, perhaps that would create the same kind of mutually assured destruction scenario that protects us from nuclear attack...
Better yet, why aren't we involved with a dialog that demonstrates our strength and resolve alongside negotiations for peace and stability? I'll answer that. Because we have an amateur at the helm who has never been in these waters. Nor does he have any interest in listening to those who have.
A smart business person listens to those with experience. He only innovates when he knows how things work. He/She also knows how to build a loyal team of folks who are smarter than him/her.
Why is the American power grid or air traffic control system on an open network? No really, you don't need email or surf the web on a nuclear power plant control.
They need to run dedicated, isolated wire from one point to the next. Then develop and install a unique encrypted communication protocol for it, that isn't shared with any outside industry. A closed system. No one needs to access a nuclear power plant or air traffic control from home.
It might be expensive, but it would be a million times cheaper than being paralyzed by a foreign government or hacker collective.
3
It is already a closed system. All nuclear power plants are not connected to the outside world, this is by NRC law.
but.... taxes! Government overreach! Regulations! Let the free market fix it!
Republicans have no interest in raising taxes that might be needed to accomplish this, or using government oversight
All nations with the capability conduct clandestine cyber operations against rival nations. A major goal is to develop a capability to disrupt the rival nation’s power grid in case of war. You can bet the United States does it too. In May, President Trump signed the “Presidential Executive Order on Strengthening the Cybersecurity of Federal Networks and Critical Infrastructure,” a first step in protecting the nation against cyberattacks.
https://www.whitehouse.gov/presidential-actions/presidential-executive-o...
2
And what has the Trump administration done about this huge threat?
Nothing. You have to ask yourself: why?
Criminal, treasonous negligence.
How do you know that “nothing”has been done?
1
With an administration that is favorable to Russia and Putin, and has previously refused to implicate Russia and Putin for attacks on American democratic processes, it is obvious that America is even more susceptible to Russian interference in our daily lives.
It is about time that the Russian lapdog in the white house takes a stand against Russian interference in democratic processes and security in the U.S.
1
Why would we have anything to fear when our Secretary of Energy is Rick Perry?
6
If you killed enough of the power grid, you'd probably kill a good chunk of the Internet and wireless communications or telephone lines in the US. And then what would any of us do?
2
Light a candle and read a book....
This report contains no evidence whatsoever that the hacking is connected in any way to the Russian government. Yet the Times reporters come very close to making that very claim. Sadly, this kind of reporting is now routine at the Times and other mainstream news outlets. Blame everything on Russia and Putin even when solid evidence is lacking. The scapegoating of Russia initially was ginned up by Hillary Clinton’s campaign as a way to explain her embarrassing electoral defeat by the odious, clownish Donald Trump. It was quickly taken up by the entire Democratic Party establishment and their allies in the press, who hope to force Trump out of office. Now, the anti-Russia offensive has grown like a cancer into a dangerous new Cold War between two nuclear armed nations. Why do so many people fail to appreciate the extreme danger of the situation? Is it denial or madness? Either way, I plead with the NYT to stop fanning the flames of what could end up as World War III.
4
"For years, American intelligence officials tracked a number of Russian state-sponsored hacking units as they successfully penetrated the computer networks of critical infrastructure operators across North America and Europe, including in Ukraine.
Some of the units worked inside Russia’s Federal Security Service, the K.G.B. successor known by its Russian acronym, F.S.B.; others were embedded in the Russian military intelligence agency, known as the G.R.U. Still others were made up of Russian contractors working at the behest of Moscow."
There is ample evidence from Trump's Department of Homeland Security and from several cybersecurity firms reported in the article. Did you not read the article before writing your comment?
"Still, new computer screenshots released by the Department of Homeland Security on Thursday made clear that Russian state hackers had the foothold they would have needed to manipulate or shut down power plants.
“We now have evidence they’re sitting on the machines, connected to industrial control infrastructure, that allow them to effectively turn the power off or effect sabotage,” said Eric Chien, a security technology director at Symantec, a digital security firm."
Rob - you are spot on! Unlike the Robert in the next comment - totally unfounded fear mongering and perpetuating the Clintonian anti-Putin/Blame everything on Russia meme that is being used to cover up Hillary's chicanery and criminality vis-a-vis the DNC and subversion of the Sander's campaign - just to name a few.
So, we need to rewrite the old adage to read: "you can fool some of the people some of the time, and all of the people all of the time - especially readers of this paper."
America and all western democracies are under constant attack from Putin's Russia.
As with the Cold War, if blatant aggression is not met with equally aggressive countermeasures against strategic and tactically sensitive targets that actually impact Putin we will all loose this war. There must be consequences.
In the face of insurmountable evidence our leaders have an obligation to act and provide clear leadership, or once again, we will all loose this war.
I for one do not want to loose the liberties and freedom my father, and his father fought for. They paid a very dear price for us to live free. Now its our turn, for our children.
It's time to unite against a common foe who is trying to destroy our freedom and our children's future to a better life.
3
Trump is complicit in anything the Russians might do. It is impossible to take any headline seriously that suggests he might be doing something about this.
Vote: November 6, 2018.
2
This is a surprise to us?
What is really surprising is with all the genius-level software engineers in Silicon Valley, Homeland Security can't tap into that knowledge base to shield our computers from hackers, no matter where they come from.
Even North Korea can figure out a way to launch cyber attacks against SONY. Where is all that good ol' American know how?
4
In Russia and North Korea, the governments are employing those people. Here, republican are busy cutting the budgets of anything government-related.
1
Besides no heat and water, where will we be with our electric cars and electric baby-watchers, all hooked up to the grid, being hackable by either side?
All the young brains now designing ever more elaborate and lifelike entertainment products, VR and games, should be using genius to keep our critical infrastructure safe. I'm sure many of them will respond to a call to protect their country, a most difficult game with the highest possible stakes.
2
Most government employees are completely clueless about computer security.
Their passwords routinely follow their children's birthdays or their pet's names.
Any 15 year old geeky kid on the block could crack their passwords in under a minute. Add to that the government computer infrastructure which is largely Microsoft based and highly vulnerable to compromise. Why haven't we upgraded our systems yet to Unix/BSD with powerful iptables to keep all intruders out? I know that it is only a matter of time before a thief can break the world's strongest lock, but still Microsoft and Linux based OSs are on opposites of the spectrum.
We need a paradigm shift in computer security. Otherwise we won't even need Russians to defeat us. Some half witted teenage kids could deal a massive blow to our systems in no time.
If there is no monetary incentive to "bullet-proof" our infrastructure systems, then what incentive is there to do this in a pure capitalist economy? Why should profits be diverted from shareholders and executives for anti-malware research and protection? Will mutually assured destruction be enough to keep our enemies at bay and keep us safe?
Might want to unplug the nuclear power plant from the Internet. Just a suggestion.
6
Instead of putting in lackluster cabinet people and heads of agencies why doesn't Trump hire some experts. Cyberhacking may be the biggest threat to our country and Trump is spinning his wheels.
This vulnerability of the U.S. power grid and nuclear weapons control centers to cyber attack shows a complete lack of imagination on the part of american power companies and the U.S. government in connecting any part of this vital infrastructure over the world wide web. The owners of power infrastructure and the U. S. cyber security departments must realize by now that putting any leg of this control infrastructure on the web, even one computer for sending e-mails, makes the whole system vulnerable to malevolent interference. Even one computer at a nuclear power plant connected to the web provides access to the entire plant network. The solution is to create a much more secure, parallel hard-wired network using the now nearly abandoned copper telephone wires.
117
Power companies have been aware of this for years. Both grid and generation units are NOT connected directly to the internet. Office computers may be connected but not vital systems and all power companies have extensive IT security with strict rules.
Wait for self driven vehicles and internet of things. More
fun for the hackers.
2
Thank you for your comment, but according to the article, the security you speak of must not be invulnerable.
1
This article implies that we're helpless to do anything to stop Russian hackers from turning out our light outs. As a former computer scientist, that seems a bit far-fetched. As with our nuclear missiles, there should be a human fail-safe element that prevents any system from being disrupted without having someone on the ground who has codes to determine whether that is a real signal or a hack. We have the world's most advanced computer specialists who should be brought together in a Manhattan-style project to re-engineer our computerized power grid systems as well as our vulnerable voting systems to make them totally hack-proof. Obviously, inserting human circuit-breakers is one approach to preventing a total system-wide shutdown, but developing AI software to detect unwarranted intruders and aggressively counteracting them should also be possible. We know the problem, and we have the problem solvers; all we need is the leadership.
5
More proof that Obama and Hillary were asleep on the job and not protecting our national security. North Korean nuclear weapons development is another example.
Trump is left holding the bag and has to try and clean up their mess.
From the article:
"The attackers had compromised some operators in North America and Europe by spring 2017, after President Trump was inaugurated."
1
Wrong Don, Hillary was Secretary of State and had nothing to do with cyber warfare. The NSA and CIA were aware that hackings were happening, but it was mainly corporate hackings, identity thief and money grabbing schemes. You must know about Norton and if you do you would quickly understand that almost daily a new virus is discovered and an antivirus program developed. On the other hand, it was under Obama that we used hacking to take down centrifuges used to refine uranium is Iran.What is needed now is strong leadership to counteract the possibility of state sponsored hacking and to develop a counter offensive strategy. That leadership is missing.
1
Agreed about Obama and cyber security in general. However, your point gets diluted when, in typical sore-winner Republican style, you chuck in Hilary. She was never and is not President. Buck stops with our President. Period.
1
The most alarming part is the hacking of our nuclear power plants.
This could result in unfathomable danger, doom and destruction.
Just the thought alone is beyond frightening. I don't think we're getting the full picture as to how vulnerable our nuclear facilities are to terrorism.
Having the lights go out and power off is one thing. Having a nuclear meltdown is an entirely different nightmare.
1
Nuclear plants by Law are required to NOT be connected to networks. There is zero chance of anyone outside of the plant having access to controls of the power plant. Nuclear plants have only recently been upgraded to digital controls and none of them are connected to the outside world. You have to physically in the control room to affect their operation.
Right and they didn’t get into voting machines?
9
Hmmmmmm... that would explain the discrepancy between the results of the pre-election polls and the election.
I am really tired of hearing of the successful hacking of government, banking, and corporate networks. I am even more tired of reading assurances that all the latest and safest encryption is being used - assuring us that our data and infrastructure are safe. Apparently they aren't. Why should we believe that any 'smart' system is to be trusted? The trend to consolidate systems to promote 'efficiency' is the new god of the Information Age. Well it looks like we are increasing the ease and efficiency with which hostile operators can attack us at the same time as we get some relatively small advantages for ourselves. Thanks a lot, computer geniuses. Let's see what those brains of yours can do to fix the problems you have created.
3
Sorry to tell you this, it will only get worse. Businesses can not and will not spend the necessary money to invest in top-tier security infrastructure and personnel.
When companies fall victim to ransomware schemes, they are now willing to pay the price to decrypt their infected files because it is cheaper. They are literally setting the example that it is easier to achieve riches and notoriety by turning your would-be genius brains to the dark side.
Thanks Obama! How much did we hear from Obama about this and the US response? Zilch. This is not a Trump-Russia issue but a Russia- Clinton- possibly Obama issue.
"By 2013, researchers had tied the Russian hackers to hundreds of attacks on energy grid and oil and gas pipeline operators in the United States and Europe....
But by December 2015, the Russian hacks had taken an aggressive turn. The attacks were no longer aimed at intelligence gathering, but at potentially sabotaging or shutting down plant operations."
4
Zilch, if your only news channel is the GOP propaganda machine. How do you think they knew it was Russian hackers that got into the DNC? They even knew which machines were used. Even at that, Fox and Friends and Trump insisted that it was an inside job. For Obama to have done something significant would have meant postponing the elections to determine the susceptibility of hacking into voting machines and calling out fake news, much of which was repeated on Fox News as fact. How do you think that would have gone over my friend?
1
Totally bogus. Did you miss the 2013 date? One year after Obama said "I can be more flexible after the election" to the Russian amb? In the middle of his 8 yrs in office?
Ted Koppel's book "Lights Out," published in 2015, warned of this situation in frightening detail. The book was a NYT best seller, but prompted no response I'm aware of from the federal government, industry, or the electorate. Will this article be the catalyst needed to prompt every reader to contact their senators, representatives, and power companies? Or will everyone just go out and buy extra batteries for their flashlights? I'm contacting Duke Energy today, sending a letter to the editor of our local newspaper, and calling my congressional representatives as soon as I hit 'send' on this comment.
We all know it: if we don't hold their feet to the fire, nothing much will change.
5
I am amazed at the lack of coverage on other news outlets on this. Don't people understand that such an attack could cause millions of deaths? Compared to a conventional terror attack, this is much more important news
3
This has been a known intolerable vulnerability for years and should be treated as a national priority with some of the best cyber minds from the US high tech industry, government and affected utility industries working together to create 1) a short-term plan to plug as many deficiencies as possible, 2) a long-term plan to make significant changes to directly address cyber attack vulnerability and 3) a watchdog group to continuously monitor and evaluate industry compliance. I have a hard time believing we do not have the technical ability to build firewalls around critical infrastructure systems and to detect/deter cyber attacks.
2
"could have". US and Russia "could have" attempted to destroy each other many times over if they wanted to. Russia could shut off power in certain areas, could launch nukes, could nerve gas us all. Why don't they? Because ultimately there are people behind these decisions and they're aware that we could do the same to them very quickly (assuming that US military/spy operations are competent enough).
Power Plants?
Well that will pretty much brings the entire United States to their knees, Senator McConnell and Speaker Ryan.
So all future Russia hacks will be the responsibility of these two "Do Nothing" leaders of the House and Senate.
Use the money that we are going to waste on the wall to fortify the infrastructure they have targeted. That would be a way to really protect us.
3
We are stronger and smarter than Putin even if Trump & Co. are not.
We need strong, moral leadership we can proud of. Please vote.
Look what just happened in PA, we can change things, and get back on course.
1
What's next? Putin's march into the White House? Hopefully, it's just a nightmare and when I wake up in a cold sweat, it would have gone.
1
It’s not difficult to protect sensitive systems against cyber-attacks. It simply takes time, money, and competent engineering. The problem is that Americans want to spend their money on other things, and are too easily led by political and religious charlatans. Let’s remember that effective gun control is also a type of infrastructure, and that it has largely been held back by parties that I don’t need to name here. Same thing with the protection of systemically important institutions in the financial sector. The outlook for a national computer security infrastructure is cloudy at best. Moreover, we should not expect guidance from the supposed experts in organizations like the NSA, since they have a vested interest in discovering and concealing system weaknesses for their own use. Thus, we can expect to see a growing industry of private information security consultants and services, some genuine, some not, and some backed by Russian money, whose motives might be inferred from the substance of this article.
1
"It’s not difficult to protect sensitive systems against cyber-attacks"
Actually it is difficult. You dont know what you are talking about sorry. The issue is a big one but saying it is simple to solve is misleading.
These critical systems need to run off-line completely and there seems to be some minor movement to do so. But sadly until something really bad happens, I dont think lawmakers -- who barely understand a laptop and cellphone -- never-mind the security of them -- will do anything.
The attacks outlined here are not possible. You can't just shut the power grid off from a computer. There are electro-mechanical switches you have to physically press to make these things happen. The actual turning on and off of the system itself cannot be done from a computer. There are computer systems to hack into. They could mess with the billing or other non-critical systems, but speaking from experience having worked in those plants, this is not possible. Nothing to worry about here.
2
Whose brilliant idea was it to put our nuclear power plants online anyway? Hey look! I can pay my bills, update my FB account, look up the weather...and hack into a nuclear power plant! OH the internet! I have claimed for years it will be the downfall of civilization.
The fundamental question I have is why are important utilities connected to the internet? All of these facilities should have all the control systems connected within the site but isolated from the outside. We obviously had utilities before the internet so what is the logic and benefit behind opening up these resources to the outside world? Hopefully some bright NYT reporter will look into this.
Bill they are not connected to the internet and haven't been for years. Their office networks may be connected to the internet but not the power facilities. NYTimes trying to drum up more conflict.
We need to elect political representatives with relevant expertise in energy, infrastructure, cyber risks etc. How can we get voters on board with this urgent need?
The US is guilty of gross negligence rooted in 'complacency'.
The new war is in cyber space, not on the ground. Without diligent and vigilant safeguards, computer hacking can shut down an entire electrical grid, or blow up a nuclear power plant.
There were warnings before 9/11 that no one took seriously. There are warnings now that are not being acted on.
Idaho National Laboratory ran the Aurora Generator Test in 2007 to demonstrate how a cyberattack could destroy physical components of the electric grid.The experiment used a computer program to rapidly open and close a diesel generator's circuit breakers out of phase from the rest of the grid and cause it to explode.
This vulnerability was known then. Hopefully we have learned a lot more about this test in the past 10 years. Senator John McCain does not seem to think so in his comments in August, 2017 at a conference on cyber security: "...the current administration promised a cyber policy within 90 days of inauguration, we still have not seen a plan."
2
President’s oath is to protect the country.
Russia has the United States where She wants her. A vulnerable position.
45th POTUS has failed, yet again, in executing the duties of his office.
This is fake news. Having been in the nuclear industry for over 35 years, All computer systems involved in operation of nuclear plants are not allowed to be connected to outside networks. Maybe utility office networks are connected but I can assure you from experience that their cybersecurity is very extensive. USB memory has to be scanned just to be used in the office networks and nothing used on the office networks is allowed to be plugged into operating equipment without being evaluated by the IT department this includes dedicated laptops, memory, or even software updates.
Since late 2015 Putin went into cyber warfare mode against Europe and the US. Even picked Trump as a trophy instrument of his.
Trump had the warmest of accolades for Putin during and since the election
It is all clear why the so called President did not impose
the congress passed sanctions against Russia,which he
did belatedly two days ago.
If this isn't enough for the Republican leadership to
change their mind about their beloved traitor, I fear the
worst for the US.
1
Physically, these systems should not be connected to "the internet". Maybe they're not but then, what's the deal?
One of the dangers of this is that any identifiable (or mistaken) attack on our power systems could result in a nuclear response. Which would result in a ....
I recently have hopes that nature or even humans can find a way to eradicate our species in the cleanest way possible so that we don't destroy all life on it. All-out nuclear war is one of the least desirable ways to do that ....
In my opinion Russia is going to shut off our lights on November 6th and mess up our mid term elections. Trump will be in agreement with this process.
The US and its allies should take more serious and more effective action against the corrupt and murderous Russian regime: forbid all commerce and all travel from allied countries. Take all steps necessary to isolate them: don’t let their people into our country to attend the U.N. and then throw them out of the U.N. Severe steps like this are the only things that will work against Putin.
What to beleive? What is Trump doing? He has consistently supported his best boy, Putin, and denied that Russia had any part in his election. Now he is accusing Russia of the closest thing to declaring war on us. Or is this directed at his base in an effort to keep Democrats from winning Congressional seats? Whatever Trump's motive (if he even has one) it is the most dangerous thing any President had done in the last 50 years. Will he next get Congress to declare a National Emergency in order to suspend out Constitutional Rights? I know my fear sounds bizarre but we have a President who has no self control.
Surely we can also attack their infrastructure, right?
1
2 Things:
Time to stop using computers. (In Nicaragua, we could take care of patients with TB, fractures, appendicitis, leprosy, and deliver babies using 3*5 index cards as medical records without computers. I could see only half of the patients I used to see after computers came into use in the clinic, as I found myself typing all day and night, not taking care of patients or performing surgery.)
Will President Trump address this act of war publicly with the American citizens? What is the plan now?
11
Retreating into our caves will not solve our problems.
What happened to Obama? I guess his 8 years didn’t matter. What a surprise, the super genius thought Russia was our friend. But he did pick Loyola to win so he is good at something. Wait, he picked the only team from the state of Illinois to win its first game. A gutsy move.
However, somehow the Cathedrals of Notre Dame & Koln were built without computers.
Putting a mouse in someone's hand doesn't make them intelligent.
Someday a computer error, or computers on ICBMs while blast humankind back to our caves.
"I know not what WWIII while be fought with, but WWIV will be fought with sticks and stones" - Albert Einstein.
If this report is true, we are in serious trouble. Mitt Romney was right: Russia was, and is, the most serious security threat to the US. If this current situation isn't an emergency requiring immediate action on many fronts, I don't know what is. What more evidence do we need that we have been under attack from Russia for the last two years?
7
It's what this story *doesn't* say that I find most curious.
Specifically were these attacks platform independent?
By that, I mean: Were Unix based operating systems (e.g., Apple OS X, Linux, etc.) targeted alongside (or instead of) Microsoft based systems? Or (as is often but not always the case) were the identified threats all focused on Microsoft based operating systems?
As a retired programmer, I have noted that the news media have a curious tendency to frequently avoid talking about cyber risks in the context of which operating systems are affected.
I am old enough to remember how Microsoft pioneered the technique of prematurely releasing defective software and then allowed their paying customers to do the costly and painful debugging necessary to identify (and sometimes even fix) the problems.
Are the real and growing cyber risks facing the developed world perhaps the next (and so far most dangerous) consequence to this slipshod approach to software design?
19
We seem to be struggling to find an effective response to cyber intrusions and malevolence. Until we can levy a price thats an effective deterrence, this appears to only escalate.
While there may be short/mid term impacts, meeting force with force will compel any attacker to think twice. State actors need to know that even thinking about it will earn an immediate response that hurts.
2
The main difference between the USA and Russia:
In the US, bright young programmers are paid big bucks go to work for Apple, Google...
In Russia, they go to work for the Maffia or the Russian state.
8
Apparently, you've never heard of the NSA.
This is not a new threat, but I thought that the operational networks in these industries were generally considered to be secure. Has something changed?
1
Start with this:
Putin will not rest until he re absorbs all the former Soviet republics.
We are accustomed to present borders being fixed.
Putin rightly recognizes that borders are, have always been and will in the future be quite fluid. He wants his legacy to be the reestablishment of the former Soviet Union. He's quite mad you know.
5
Wars aren't going to be fought on the battlefield. It's this kind of cyber-warfare we should be worried about. Forget about building up the military and work on cyber security.
5
We have long known that corporations, including those which operate utilities, spend far too little on cybersecurity. When it comes time to evaluate the need for this stuff, the bean counters reign. It's more important for them to reward their shareholders than to guarantee that the lights stay on and our water is safe to drink.
If these attacks should occur in the future, I would hope that the U.S. has the means to retaliate. That's a serious concern today, with the efforts of Trump and his cabinet to drive career experts out of government.
7
Maybe critical systems will have to give more consideration to combining physical security
like banking keys that generate random numbers
only applicable to the user or being disconnected
from the internet all together.
3
We should completely decentralize the power grid to the point of solar and wind farms in small communities or on roof tops. There is no reason for it to exist in its current form.
8
It is the most inexpensive and effective power system in the world. Solar and wind turbines will never provide the amount of power America needs.
I am convinced that the USA is prepared to do the same to Russia. The American government knows how to hack the Russians and their fingers are on the switch to Russian power plants too. As much money as they invest for military purposes they are ready to turn the lights out in Russia too. Yes, the Russians are our boogie men and so are the Americans for Russia.
We are back to the 50ties and the scare of nuclear bombs on American cities, The children need to train to hide under tables or in closets.
Why are we so hysterical and paranoid?
3
One of the avenues that should be explored (because the Russians certainly have) is remote access provided to contractors and vendors for routine updates and maintenance to control systems. It expands the number of points at which access can be obtained, either through malicious code or social engineering, and greatly increases the vulnerability.
It would not be too much to ask that vendors do their work at the plant site and maintain a physical separation from worldwide communication networks.
6
Perhaps it's time for us to revisit our bone-headed philosophy regarding renewables that are more dispersed along with a new National Electric Grid that can better store and distribute energy on a regional basis and could support demands from other areas when there are natural or suspicious outages. We can turn our Miners into Liners.
Since the manufacture of PV panels and Wind Turbines have been supplanted by China, this would warrant a new perspective by the administration regarding the punitive tariffs and possible incentives for those manufacturers to establish US based production facilities to avoid the importation penalties.
I'm not holding out much hope that our current Neanderthal POTUS will think outside of his FoxBox, but his post-impeachment successor could be motivated to Make America Safe and Sound Again.
5
I just cannot fathom this.
I work for a financial firm.
Our producrion computers are on a network that is physically separate from the network that has access to the internet or any other extranet.
Why in the world would any piece of critical infrastructure not be handled the same way?
12
This mortal vulnerability is the cost and consequence of America’s insanely disproportionate focus on the Middle East, taking our eyes off Russia and China, the real potential dangers to us.
“Russian cyberattacks surged last year, starting three months after Mr. Trump took office.” Was Russia confident that Trump would continue smothering all criticism of Putin & Co?
[18.0316.1105]
3
All of these critical infrastructure suppliers need to rig their systems so they can be manually operated. Bypass computers connected to the Web and build enclosed systems. Cyberspace is dangerous.
160
The operation of these plants is probably "globally optimized", so the work cooperatively to minimize, say, total cost or environmental impact. To disconnect from the Internet means either build a separate "internet" (probably physically separate as well as logically), or give up optimization (which would be quite costly).
Absolutely right. You can't hack something you can't get to. The power companies must have been aware of the possibility a long time ago, but of course it costs money and convenience, so they did nothing. This is a national security issue and applies to other industries also (imagine if phones stopped working for example). The obvious answer is to nationalize critical infrastructure, or at least have strict rules, but in the current environment that's a non-starter.
2
Nah---we trusted Experian to protect our sensitive personal economic data,didn't we (not that we were given a choice).? Do you really think 1200 utility companies are about to shell out he cash and mental effort to do better??
2
Ted Koppel wrote a book called "Lights Out" about what would happen if the grid went down. This stuff makes Russians mucking about in the U.S. elections look like child's play. Really frightening.
7
You might be thinking that perhaps we should not have our energy grid connected to the internet.
And if you're thinking that, perhaps you should think about why our election system and voter rolls are also connected - to any degree - to the internet.
8
Dying trees, frisky squirrels, and wind have done more damage to our power systems than Russian hackers could ever hope to achieve. Put all power lines underground (and upgrade their hardware/software controls while we’re at it).
2
So what are "we" doing about it? I am so tired of the media and the government and everyone else shouting about all the scary problems that exist without any reporting on what can be done to solve the problems, This goes for gun violence, for the environmental issues, accidents like bridges falling as well as for Russian cyber attacks.
Even if the ignoramus in power hasn't a clue, doesn't any writer ever research and interview people who might have positive solutions? Our national psyche and ethos are in the gutter.
4
Can we stop accusing the Russians and please strike back? Without any consequences for their actions, they will continue to use their cyber-firepower to undermine and weaken us. We have the ability to fight back -- we invented all the tools they are using. Why are we sitting here and taking it passively??
2
Wouldn't it be better to spend out time and money making our infrastructure vulnerable to cyber attacks instead of starting a war with Russia? No on in the planet would survive a war between the USA and Russia.
Presumably, people who are willing to tune out the consequences of manipulation of democracy might finally grasp the essential malevolence of Vladimir Putin when they find themselves unable to run their air conditioning or access TV and Internet. Russia's entire economy is approximately 2/3 the size of Italy's, even with all of Italy's difficulties. Under Putin, Russia cannot achieve greatness except by cutting others down to size. Putin is the guy who does the cutting and this is how he does it, by hurting all of us. Defense of nation used to be a bipartisan consideration. Devin Nunes and his cohorts who are running around doing everything they can to minimize the harm that Russia intends for us are at best stooges, and are starting more and more to look like actual traitors.
3
To big business, people are reduced to numbers, almost like numbers on the dollar bills, with one exception...
The dollar bills are always worth more than the people
2
How much are we going to take before we remove Trump and save ourselves?
How much? Another Republican War? They have not paid for the last three!
6
"We now have evidence they’re (the Russians) sitting on the machines, connected to industrial control infrastructure, that allow them to effectively turn the power off or effect sabotage...they could have sabotaged or shut power plants off at will." The Russians and Putin were prepared to engage in massive sabotage with their ability to shut down America's power grid and infrastructure, they also put in place a blockade which they simply needed to trigger. Sabotage is a basis for war; a blockade is an Act of War. A blockade is any effort to partially or totally cut off supplies, or materials, or communications. As is the case here, it is directed at an entire country or vital regions, rather than to say fortress (which is a siege). Lt. Gen. Paul Nakasone stated: "Right now they (the Russians) do not think much will happen to them...They don’t fear us.” No surprise there. No one should be surprised that Trump has said little to nothing about the Russians and when penalties have finally come they've been so light. The Russians have been turning all of Trump's switches on and off at will, he's is either compromised by the Russians or is in direct collusion with them. In any case, Trump has repeatedly shown that he is entirely unfit to defend America from what is now, once again, our greatest enemy. Americans should be terrified that Trump won't defend the country as Russia keeps trying to destroy it. Trump is in bed with the Russians and Putin, he needs to be removed.
It is encouraging to have a federal administration that does not believe in science and is antagonistic towards it.
2
Will this be enough for the so-called president to finally order the NSA to counter Russia's cyberattacks?
Or will Trump continue to accept Russia's help in attacking our media and throwing the next two election cycles?
4
It seems to me that by not burying cables in the ground, like most countries, a simple storm can and does knock out power all the time. Is Russia any worse than the average March nor-easter, I wonder.
You see here is the problem of shortsightedness. You have a tax cut that takes a trillion dollars out of the treasury, this money, about 40 dollars a week to most workers, millions for the rich, this money could have been used to train people, to create the best cyber security team in the world, now where are you going to find the money for this and any other not figured in threats that may pop up in the future. Maybe the rich, will care enough about the country to donate the money for such a strategy, or maybe they will buy property in Europe or buy islands somewhere, that they can fly to if things go sour here. If most rich people are like Donald Trump, I would say the bags are always packed and the Airplane is always fueled.
5
What did Trump know about this? When did he know about this? Why has he done nothing about this?
What did Ryan and McConnell know about this? Why have they done nothing about this?
Does Paul Ryan still stand with the Tom Clancy reference to Russia in the House Committee’s report?
What does Devin Nunes think of this?
What’s more important to the GOP: investigating Hillary Clinton for some ridiculous conspiracy or defending the country?
How do Trump, Ryan, Nunes, McConnell and the GOP define treason?
Trust the rest of our media will do their job and continue to hold those in power responsible.
4
I'm always impressed reading articles about how advanced other nations are re computers/hacking etc., yet here in America we think we are so far ahead and foreign nations come to us for our technological greatness. And then, I read 'they' can turn my electricity off and my home is now dark, and it really depresses me because it reminds me again, and again, and again. Maybe we are not so far advanced as we think we are. Like, is it prudent to listen to our PotUS and believe him, or read the print in our newspapers, mags, etc.
This is election hacking squared. What is our actual recourse for this besides shutting off the cash spigot for a handful of oligarchs? I can only we’re able to respond in-kind so there’s guaranteed mutual destruction. Sounds familiar doesn’t it? Same war, new weapons.
Some 10 (?) years ago the Wall St Journal reported on these intrusions. Also by the Chinese (and we can assume the Iranians and N. Koreans). So why has nothing been done since? (A guess: the power companies probably say they don't have the money. Lame excuse.)
1
Is this just a case of 'tit for tat' - you crash our grid, we crash yours?
I am more concerned about the financial institutions. Most of our money is digital and could all disappear with the press of a button. That would lead to anarchy. Perhaps that is why there is the interest in block chain as a technology, is it harder to corrupt?
1
What about hospitals, the infirm and the elderly?
This article fails to even mention FERC - the Federal Energy Regulatory Commission, who is responsible for Cyber and Grid security in the United States. Their regulations are a joke in the electronics industry, as FERC views cyber security as a physical access issue. That is to say, they regulate physical access to the equipment, but not the control systems themselves. It's a waste of time, of course, because it's impossible to prevent physical access to a system that runs everywhere, to everyone.
3
Why do people keep saying Trump Trump Trump. Read the dates that the attacks took place. Its not like the president is responsible for everything good or bad that happens in the world. I think people just don't know the names of anyone else to blame.
1
Our political leadership is grossly negligent. There is no attention given to what is strategically important to protect and develop our country. Its all light weight nonsense, 24/7. They are poll driven, passive, and irresponsible.
There is no forward vision, no capacity to identify our vulnerabilities and actually be proactive in addressing them. The fact that we are open to cyber attack, and that it could be catastrophic, is not news. Except to our political class, apparently.
If this is the best we can do, we're going down.
2
Maybe we should all think of going off the grid and just using cash. Self-reliance rather than waiting for government intervention. Our elected officials seem to be only concerned with the next election.
1
Really, with so much of this technology created, discovered and originating here, we don't have the advancements to predict, be protected and stay ahead of the threats? OMG, is the trickle up of our wealth keeping R and D stagnate to protect us. Is the empire being destroyed from within by greed and our adversaries giggling about it.
Maybe if our President was not a traitor, more interested in his Russian business dealings than being loyal to the critical interests of our country, we could effectively address and counter such acts of war against us.
Our founders, our brave, patriotic soldiers of every era throughout our history, who gave their lives for our very existence, all cry out from their graves to restore sanity here.
To restore our government to one which is loyal to America.
They didn't die for what we have now.
4
So right now we consider Russia a rogue state, on the threshold of committing terrorist acts against the US, right? So there should be a VERY STRONG response from an administration that is primarily concerned with putting America First, right?
2
I've always thought that the power outage that blackened the east half of the U.S. in 2003 was some sort of espionage activity, but the government said otherwise since it was relatively soon after 9/11 and it would have sent the country into panic.
Why are computer systems for our critical infrastructure accessible on the "regular" web in the first place? It sure isn't a recommendation I would have made. It's a bad idea.
Some of those Republican attitudes about Science are destroying basic research and are slowing up our cyber capabilities. These issues should be as politic free as possible but that will not happen under king Trump and friends. Why are we not well ahead of Russian cyber efforts? Why have we failed to build Cyber attack free power plants and protect other vulnerable institutions such as Hospitals and traffic control etc.? How do we respond to these Russian attacks? The Cyber world is the new battle front and we better start using our brilliant young people to work on such issues: Perhaps before we destroy our own education system from within.
2
The US has been attacked through cyber space. Call it what it is: Cyber war. We are in a cyber war with Russia.
1
The Russians ALREADY shut off the power in the USA!
i.e. The power of our nation top run itself without collusion, tampering, and apparent manipulation!
Without legitimacy and transparency, the power of any government is shaky, the power of democracy is browned out to near-zilch, and the power of the nation to run itself is seriously short-circuited.
3
If Russians are cyberattacking in this manner, then the U.S. must respond in like manner. American hackers should shut down Russian infrastructure, electric power and power plants in retaliation.
America is the home of Silicon Valley and the originator of the internet. It should not be that difficult to find patriotic hackers and computer specialists to attack Russia with all we've got. Only then will they learn their lesson. We cannot be sitting ducks here...
1
Trump should just ask Putin if he did this and when he says "no" that will put everything to rest. Then he can go back to ruining our country.
3
One way to find out if Trump is in collusion with Putin is when the hackers turn off the electricity and the Trump Towers are shining bright.
1
It has become very obvious that it is Russia not North Korea which is our main adversary armed and dangerous - armed with digital power that can shut down our country with a few clicks. They have invaded our soil capable of bringing our country down to our knees. They have clearly shown us their dangerous capability to destroy us in every way - political, social, economical, our world relationships and now the very basics of daily American lives - infrastructure! We have been attacked. Period. While we keep throwing billions at our defense juggernaut, Russia is attacking and winning with a few millions. What is unclear about benefit of damage? Simple answer - Absolute Power! Brains v/s brawn. Guess what's winning. While we bicker and sycophants like Nakasone keep our very compromised leader happy with lies, Russia is stealthily moving in. " America First "? What happened?
Welcome to modern-day warfare.
And our president:
Takes photo ops with Lavrov/Kislyak in the WH
Shakes hands and talks with Putin at every opportunity on his overseas trips
Failed to acknowledge Russian interference (until this week)
Failed to strongly support our allies
Is under INTENSE investigation for financial crimes involving Russian interests
Hired a plethora of folks on his campaign and administration who are connected with Russian influence.
To the 36% of his base.....that's why we have been so active and passionate in our politics!!
4
A simple diagrammatic explanation of how this is achieved would be helpful for the non technical.
Suggestion to Mr.Trump- forget about the expensive and unnecessary wall!Instead focus on the real threat to the United States, cyberattacks on us by Russia and other bad actors.This affects all of us and could threaten our economy and safety.
1
Accusation comes "after" Mueller subpoenas Trump. What kind of dog and pony show is this?
2
Russia is emboldened. The world's guard dog is no longer on watch. There are no consequences for bad behavior. Why not push to be seen as all powerful?
1
So what is the Trump Administration going to do about it?
1
Why is this information being spotlighted by the administration at this moment?
1
Control systems at U.S. nuclear power plants are entirely separate from the internet. Period - the wires don’t touch. If Russians wanted to take control of a nuclear power plant, they’d have to do it by mental telepathy.
Believe it or not, the smart people who designed and run nuclear power plants considered the possibility they could be hacked decades ago. This is one of the most highly-enforced regimens - no disk drives, no USB ports, to which to hook your laptop, no WIFI anywhere near the control room.
Making any references to “nuclear” in this article nothing more than fearmongering clickbait which is currently blocking humanity’s most promising avenue for addressing climate change - carbon-free nuclear energy.
3
Since you missed the fact that the article very, very clearly says that the hacking got into the "business networks," of several nuclear plant operators but did not jump into actual control systems, your assurances about nuclear plants are less than reassuring.
Robert, the Times reports “United States officials and private security firms saw the attacks as a signal by Moscow that it could disrupt the West’s critical facilities in the event of a conflict.”
Because the implication Russians might be capable of somehow “jumping” into actual control systems at nuclear plants is a physical impossibility, the inclusion of “nuclear” here is spurious clickbait.
This is horrifying!
"The Trump administration accused..."
OK to believe anything coming from current administration? Just checking, what with the up is down/down is up policy.
2
Why would someone attack if it is so easy to identify soirce of the attack. I mean, first time maybe it was a resonable risk, but after. And what kind of damage it cause for what gain?
This is another moment that history will look back on as being very similar to the Jihad chatroom buzz that preceded 9/11, the moment that we could have prevented the worst, the moment of missed opportunity. Back in early 2000, we needed a real President, an administration not composed of grifters and thieves, just as we need one now. If America had made the right choice in 2016, we'd not be led by Putin's errand boy, a stooge bent on turning our attention away from Russia, but we'd have a real president, a woman who would have appointed a task force to look into Russia's dirty tricks, and crafted a response. Instead, we're destined to remain in the dark, figuratively, but someday soon, quite literally.
When are we all going to wake up to the fact that our country's leaders have not protected us from cyber threats, that the president and most Congress persons and Senators don't understand the Internet (much less cyber security issues) - some don't even use email yet! We keep electing 70 year olds who are uneasy with tech -- and they have failed to protect us while hostile foreign powers - not Mexicans -- have gained control of our infrastructure. When the lights go out and your ATM goes down I hope we all have some cash and batteries buried in the back yard.
Why aren't we spending the millions of dollars the Obama administration allocated to fighting Russian cyber-terrorism?
Why do 85% of Republicans believe Trump is doing a good job? Greed? Brainwashing?
Let's override the Trump minority via voting out every Republican on November 6, 2018 and pray it isn't too late to best our Russian enemies.
Hopefully very soon the Robert Mueller team will wipe out the Trump international crime family, team and appointees by prosecution for their treasonous crimes and corruption.
Anything less spells the end of our beloved democracy.
2
Trump has stated he wants to work on a joint cybersecurity effort with Putin. And he had Russian officials meet with top American Intelligence Community Officials recently, maybe to take a look round at our set-up, no photos please. He has barred American Journalists from a White House meeting while welcoming only the Russians. Eric Trump apparently let slip they have all the money they need from Russia. Can Mueller go a bit faster?
1
All public evidence to date strongly suggests that Trump is a puppet in Putin's pocket. When will the GOP stand up for America?
As in ancient times where barbarian hordes were invading cities, Rusia resort to his only resources: weapons¡ unable to advance his country economicaly as China did, despite their vast economic resources. The sanctions were only imposed after Putin invaded Ucranie, like the hordes mentioned did.
Rusia should be an economical world power ahead of China if they would use its technology and vast natural resources wisely insted of investing of development arms,
So what is trump going to do about it, nothing.
1
It seems that these Russian cyberattacks began during Barack Obama's first term, and continued unchallenged until he left office 14 months ago. Yet many of your commenters place the blame for the situation ENTIRELY on Donald Trump - and none whatsoever on Barack "He Who Can Walk On Water" Obama. Very interesting.
Also... we are told every day that the reason for the Russian election hacking was that they were eager to have Trump and the Republicans control the US government. Yet your article says that the cyberattacks surged last March, two months after Trump took office. That doesn't make sense. If the Russians were so desperate to keep Trump in power, wouldn't they have stopped all the attacks as soon as Trump was inaugurated to make him look like a hero?
I eagerly await "proof" that Donald Trump was also responsible for the Great Depression of the 1930's, the "Black Death" bubonic plague of 1348-1351, and the original Ice Age that destroyed all life in earth millions of years ago.
I'm sure Congressman Adam Schaffer has all this proof in his briefcase.
2
Remember that our best and brightest" technocrats have given us (impossible to determine which is most trivial, except 6):
1. word processing (Gates)
2. "look at me" (Zuckerberg)
3. ads (Brin and Page)
4. a rocket to Mars (Musk)
5. shopping (Bezos)
6. spying on Americans (NSA)
so there's nothing to worry about here, folks.
100
Besides the glaring errors in your list (word processing programs existed before Bill Gates wrote his first computer program) Facebook types of programs existed before Zuckerberg. Musk didn't invent intero stellar rockets and his has not flown yet. and on and on. The fact that America has fallen behind on anti-cyber war technology lies at the feet or the Republicans who for at least the last 9 years have refused to allocate the money needed to create more secure systems.
4
Let's be clear--Gates created the operating system that underpins the vast majority of commercial and personal computing systems across the entire world (word processing was around long before Microsoft Office was introduced in the 1990s).
1
You're confusing the ability to make money with the "best and brightest", they may be smart and business savvy (i.e., finding market niches and inefficiencies and exploiting them for financial gain), but that does not make them the most able and "brightest" to solve the problem.
1
Anybody heard of Stuxnet? US and Israel introduced cyber weapons on the world, targeting Iran. This virus escaped and threatened to take down infrastructure worldwide. Of course, Israel and US are “Good Guys” it’s OK for them to develop and deploy these weapons. Not Russia, China, Iran, etc. Got that?
1
Now do you Trump lovers realize what the consequences of chaos and incompetence in the WH are?
Well, Draw Man, I suspect most of them came to that realization about eight years ago, and that’s why they voted for Trump...
1
They're just probably trying to remind dear leader that he is not following through on his deals he made with them. This country will be held hostage to Putin until we get rid of this loathsome criminal we call a president.
1
At least Vermont Yankee is shut-down.
What does our good leader's gut tell him he should do today? Watch TV? Play a little golf? Build the world's greatest graffiti magnet? Fire a few people? Order out some KFC? MAGA?
Have a parade?
Yes! Lets get ready for a parade. A Saint Patrick's day parade! The best idea ever!
If only he were Irish.
When Trump's Fox & Friends Feed shuts down and his refrigerator stops running thus ruining all those take-out cheeseburgers he might wake up....but I doubt it.
1
Hitler's first act of aggression was when he defied the terms of the Versailles Treaty and effectively rebuilding the German army. By today's standards, Russia is also aggressively thumbing their nose at the U.S. by potentially taking down power in the U.S. This would be catastrophic!
1
Shall we play a game?
I want to play global thermonuclear war.
How about a nice game of chess?
-WOPR
1
What has Putin got on Trump that makes him such a wimp? Why has this administration done so little-- Is it possible that Trump is actually on it? I cannot believe that anyone elected as President could be so stupid or weak that they refuse to act or speak out on Russian meddling. Trump has issued no directive at all to the NSA to counter the Russian attacks to date. His silence on this speaks volumes.
Until very recently many American government agencies and industrial infrastructure used the cyber security software Kaspersky as a less expensive option to Symantec’s. Kaspersky is a Russian company with ties to the Kremlin.
Only an idiot (or someone acting in complicity?) would not have seen that Kaspersky was a cyber weapon aimed at disrupting America and the West and stealing personal data from millions of people.
Trump should ask Putin nicely to please not destroy America.
Thank you, Generals Kelly, McMaster and Mattis, for your service to President...Vlad Putin.
So conspiracies really do exist? At this point there probably isn't anything the Russians couldn't be held responsible for, and demonized over. What is next, a public caricature exhibit of the Russian Race, with demon guises, black eyes, red banners and brandishing sickles and hammers? The NYT is right: the Night of the Long Knives and Holocaust isn't over.
2
Trump is the ultimate Russian Manchurian candidate. Yet the Republicans are paralyzed and refuse to do anything about it. Not sure if the Russians are within the gates yet, but they are sure busting hard at the gates. Brace yourselves for the onslaught. Because the ones who will suffer are the American people including the fools who support these traitors.
If the Times is to be an honest newspaper instead of an ideological axe grinder, we need a full report on U.S. cyber operations against Russian targets, which government started first and what can be done to get both to back off. And if the U.S. is an innocent victim that has not engaged in cyber ops against Russia let's get that story too, front page, not buried somewhere in the paper. Readers, demand CONTEXT from the Times.
2
What is the government doing???
Why are we paying all this money in taxes??
What is the NSA and the government doing???
Good thing we’ve got the F-35.
Well, here we are. Maybe Republican leaders thought they could make a bargain with the Russian devil, defeat Hillary, and get away with it. Putin was on their side, a useful ally. Now we find out that no, really he wasn't. He playing them for fools, useful idiots, as Lenin called it. Now Putin can blackmail us, causing our energy grid to collapse, and so, what are our Republican leaders going to do about it? My guess is, they will do whatever he wants, doing things like the House Intelligence committee just did, and denying Trump colluded with Russia.
Mr. Cornelius's reliance on mutual assured destruction deterring a crippling hacking attack of US infrastructure from Russia misses an impt point. The Russian hackers are not Russia, tho they operate with the tacit approval of the Russian govt. Their relationship with the Russian govt may be so attenuated that a counterattack on Russian infrastructure would not be directly injurious to the hackers themselves, who may identify little with Putin et al.
We have been hardening our infrastructure from cyberattack for at least 30 yrs. I understand methods of attack change with technological advances, but if we have achieved as little as this article implies, it's time to stop spending trillions chasing Islamic terrorists around the world, cutting taxes, and electing self-absorbed idiots and get to work. Before it's too late.
1
Donald Trump likes Putin. So ... Putin is our friend? Who are our enemies?
...and who did Russia get this technology from? America's own NSA. We invented it. Not many news stories about this, unless you watch the film "Snowden." Where is Edward Snowden living these days? Moscow.
1
So as I understand it; It's OK for Israel and the USA to cyber attack Iran. But when Russia threatens the same thing to us, well thats a cat of a different color. Sounds like what the CIA refers to as Blowback.
Don't do to others, what you do not want them to do to you, seems like the best policy to me.
1
It is pretty clear that Russia is taking full advantage of the weaknesses bought on by the election of a clueless moron. They are playing with Trump, feeling him out. What they are finding is a country that is deeply compromised and unusually vulnerable. In other words we are suffering the repercussions of a careless electorate.
1
"They said the strikes accelerated in late 2015".
Wasn't that on Obama's watch?
Just 'sayin..........
What difference does it make, “megachulo”? (Such an arrogant appellation)
Obama is gone now for over a year; it’s Trump who is responsible to make sure America is protected, and he’s highly untrustworthy when it comes to dealing with the Russians. He has too much of his personal finances and business entwined with the nefarious Vladimir Putin. Trump could easily sell us all out for his own gain and mega-ego.
And to protect the citizens of the United States, the President wants to gin up a Space Force.
This is war, plain and simple. Are we at the mercy of a foreign dictator? He seems to have America in the palm of his hand. He's already installed his puppet in the White House and now seeks to make US citizens his serfs.
Decades ago, Nikita Khrushchev boasted to President Eisenhower, "we will bury you". It now seems as though that prophecy has come true. Russia now has America, and its president, on a very short leash.
3
You forgot the memo from Obama. The Cold War is over.
I guess Mitt Romney was correct. Raise your hand if you that he was an idiot. Who was the super genius that thought the idea that Russia was our number one enemy was laughable? Who was the super genius who thought we should restart our relations with Russia?
how do you do Americans?..
you think you can cripple Russian economy with a total impunity? Russia is not Iraq or Libia that you can destroy and walk away. Russia has guts and very big capabilities to bite back.
The headline says that the Russians could have switched off power. The Department of Homeland Security report does not say that. Where does that inaccurate information come from? More accurate is that the Russians successfully entered a power station network, and accessed data. The Bloomberg article on the same report was much more accurate.
This article was sensationalism, and an effort to get more clicks on a reporter's article. Shame, shame, NY Times.
2
If the NYT and American Democrats – having downplayed or ignored the Russian threat for an entire century – are finally awakening to the fact that the Soviets ... er, Russians, are problematic and are not to be trusted, fantastic!! Perhaps BHO will apologize for his snarky comment to Romney, about 1980's foreign policy? Perhaps this paper will now apologize for said century’s worth of pooh-poohing legitimate American concerns about the Bear?
The media and the American left have spent the last year blaming – of all people – Donald Trump for Russian misdeeds. Perhaps, just maybe, the problem actually lies a bit further East.
And perhaps, just maybe, THIS TIME, when conservatives express concerns about Russian intentions, the NYT, the rest of the media, and the American left won’t go whining about red scares and witch hunts. There really were reds, there really are witches, and you SHOULD be scared. Or, at least, deeply concerned.
1
When did President Donald Trump know about this and what did he do?
1
If this is true it is monumentally stupid to have power grid components on the public facing Internet! Forget punishing Russia this should be fixed ASAP. Might as well have the nuclear missile launchers on the "Internet of Things" too.
2
In Chalmers Johnson's book "Nemesis" he quotes part of "Protocol Additional to the Geneva Conventions of August 12, 1949 relating to the Protection of Victims of International Armed Conflicts (Protocol 1, June 8, 1977, which states, "It is prohibited to attack, destroy, remove, or render useless objects indispensable to the survival of the civilian population such as . . . crops . . . drinking water installations and supplies.. . Johnson notes the United States is not a signatory of Protocol 1 "but this does not absolve it of the charge that its behavior (in bombing Iraq) was profoundly immoral."
These actions continue today with multiple countries bombing civilians and their supplies - As Johnson states, "the bombing (in Iraq) violated international humanitarian law and made the United States liable to charges of war crimes."
As do,I think, the destruction of computer systems that accomplish the same goals.
The Oathkeepers and Three Percenters and the even less reputable "good people" chanting in Charlottesville that "Russia Is Our Friend" have a back up plan for the American future that is democratically, inevitably tilting towards a pluralistic, racially diverse, and progressive nation. And it is a little help from a "Friend." Do yourself a favor, and make an emergency plan for you and your family in the event of an unexplained, prolonged power outage/precursor to a Russian-sponsored, alt-right insurrection.
"You Will Not Replace Us." - protester chant, Charlottesville riots 2017
"Chaos Is a Ladder." - Petyr Baelish
"What You Think All the Guns Is For?" - Christopher Wallace
RELAX!
When the Russians purchase a president, it's normal to want to insure the deal with a few items.
Fortunately, they'll have complete control after the 2018 elections, and they'll simply legislate for their needs.
The Rule of Law - what a comfort.
Trump: "It could have been anybody. A 400-pound guy in his basement. We don't know."
4
Is Donald Trump stupid?
Lt. Gen. Paul Nakasone, who has been nominated as director of the National Security Agency and commander of United States Cyber Command, the military’s cyberunit, said during his Senate confirmation hearing this month that countries attacking the United States so far have little to worry about.
“I would say right now they [Putin and the Russians] do not think much will happen to them,” General Nakasone said. He later added, “They don’t fear us.”
2
In Miami they can identify what are the devices you have connected to each outlet of your home, so they can send high powered electric beams in order to permanently damage, for example, your TV sets, your air conditioning unit, or your Internet router. Or put in fire your entire home.
I'm an electrical engineer and that's not true
1
No, M Martinez, “they” cannot send “high powered electric beams” into your house.
The Russian cyber attacks have been ongoing for some time, even under the Obama administration. So please stop with the hysteria and rants.
To a die hard Trump fan like you, being concerned with our country's security is "hysteria". No wonder Democrats are winning in red states.
1
The Russians are responsible! They wormed their way into the architects computers with malware and changed the plans so that the power plants will stop working and have a meltdown! RT had an interview with Putin, who claimed personal responsibility. Quote: "We have target of power plants in US since nuclear is very important to Trump business interests. As Russians we have jealous of warm weather and blue sky and good seashore. So make power plant infrastructure and safety go away, so will Americans. Then Russians can come from Havana and get precious landscape and fertile gardens for Oligarchs."
First it was Hillary's email and DNC server hack. Then it was their backing of Trump. Then they made the bridge in Miami collapse. Now we learn they are targeting our power plants. And a few days ago they tried to kill two ex-spies in England. What will they do next!? I fear we will have to be careful of Starbucks coffee, mattresses from Walmart, lamb chops from Costco and insulated hoodies from Target! Nothing is safe from the Russians. Our only solution is to boost peacetime spending of military budgets and corporate investments in weaponry, new bombs and jets and subs and new uniforms and sharp pointy knives for our troops. And what about our cars? They can hack the electronics and make all the cars crash into each other during rush hour and create chaos across America! The Russians have landed in our computers and cell phones and twitter accounts! Nothing is safe! Help!
2
Allegations are not credible evidence. Highly likely is not evidence, after Iraq, we should demand CREDIBLE EVIDENCE, especially with a man like Trump in the Oval Office.
Why would the Russians use a poison easily traced to them? What happened to the diplomats getting ill in Cuba? What about the 20 some British people also affected by the military poison agent? Why not show the evidence if there is any?
We can't afford to be so gullible taking"highly likely" as credible evidence we can believe.
We can expect some critical thinking from our journalists. As it stands it is like the government controls the MSM. There are no critical questions in the MSM, THEY ARE NOT DOING THEIR JOB.
3
Wow, it seems like Putin truly knows what he's doing: knock the competent administrator out of the presidential race and put a moron instead. Tilt the congressional elections in a few strategic districts in favor of conservative extremists and let the Republicans elect their usual know-nothings in the areas they dominate and voilá, the U.S. is neutralized, and he is free to build his tzarist empire.
Sad and scary. Wake up America!
5
do we really believe what we are being told?
1
Looks like it, Bruce. As Josef Goebbels once said,"A lie told once remains a lie but a lie told a thousand times becomes the truth." Or, "Propaganda works best when those who are being manipulated are confident they are acting on their own free will." Or, "...the rank and file are usually much more primitive than we imagine. Propaganda must therefore always be essentially simple and repetitious."
So say it loud, often and simplistically delivered with no facts and evidence - because who needs it?
Gee, maybe Putin's not such a nice bro' guy after all, Donald.
Its been obvious for years that independent energy generation at the local level, especially as the household level, not only defends against natural disasters, but also against deliberate attacks on the national grid. Washington, sadly, will do nothing to advance this capacity because there would be big corporate losers in all the antiquated energy business models, including nuclear, who are happily writing checks to keep the coal burning and the frick fracking.
If and when the attack actually happens, the response will no doubt be to upgrade the national grid, lining the energy industry pockets coming and going.
We are going to have to just do it on our own.
1
What strikes me the most in this article is that this has been going on for a while, with our knowledge. Why?
1
We recently spent 3 days without electricity during the last two nor’easters and it was not fun. We had to improvise and used our fireplace for heating and cooking. I got our kerosene lamp out of storage, and put four blankets on our bed to stay warm. And, that was just Mother Nature taking care of our old electric grid. I can only imagine where it will all end when the Russians pull the kill switch.
And, instead of making plans to fix our infrastructure, and defend the country from the mad men in Russia and the White House, Republicans are busy aiding and abetting by raiding the treasury and dolling out Trillions of dollars to the 1% Club, and issuing reports that exonerate the Russians.
It really feels like we’re living in a decaying Banana Republic where our leaders are quickly loading their planes with gold bullion to escape before it all comes crashing down.
May God help us.
5
You couldn't script characters more woefully unfit to meet the challenge of Russian aggression than Trump and the loyalist in his administration.
Ignorance is killing this nation.
Pull the plug! Why is this stuff accessible over the Internet in the first place?
2
At some point do we get to physically sever all of Russia’s connections to the Internet, all access to the banking system Swift and since we don’t need their oil ..... but Europe needs Gazprom, some kind of boycot/embargo, and see how long Vlad lasts.
Trump’s inaction re Russian aggression is treasonous. He is failing at his primary job of protecting the country. Impeach with extreme prejudice.
2
Imagine what life would be like without electricity for, say, a month, after our Russian friends (hiding behind their 20,000 nuclear weapon shield wall) destroy our power-generation/distribution infrastructure before invading Lithuania, Latvia, Estonia, Ukraine and Poland, say ... .
But you don’t need to imagine anything at all. Study Puerto Rico.
2
Putin works hard not smart. If he wanted to disrupt US power supplies, all he had to do is hack Hydro Quebec and the eastern states go black.
Maybe the Obama administration could have done more. But here's why the Trump regime is worse - much worse. First - the moron that is our president says he believes what Putin told him. Not enough? Trump has, to date, denied everything we know Russia to have done - and sided with Russia over those American agencies whose jobs are to protect us. And finally, he has cut taxes such that there isn't sufficient money to do those things essential to keeping us safe. He is the worst president ever, and spreading the blame is denial of that, and willfully, dangerously so.
1
Why do we only read about cyber attacks from Russia, China, North Korea..etc. Do we not have any defense against such intrusions or offense against the attackers? or is it selective reporting to the public? If our government is spending billions in military hardware, aren't part of that in cyber warfare development? because we are at "war", the only difference is that there are no dead bodies or bombed cities to report but the harm is just as devastating if the US and our allies don't step up against such attacks.
Maybe it was some 400-lb kid in his mother's basement.
It becomes more clear with every passing day why Putin wanted Trump in the WH. He certainly helped getting him elected and is now free to commit devastating acts of war with impunity.
Yes, I'll say it again and again as I have stated since before the election- Putin would love nothing more than to have this moron in the WH. He is the true Manchurian Candidate.
I am frightened every day this liar is in office and is helping Putin ruin world order on an international level without needing to fire a shot.
1
The Russian hacking of our critical infrastructure, the Russian hacking of our election process, both are an act of war that demands a strong and coordinated response.
Why do the republicans and Trump continue to ignore these very serous issues.
Russia, much like al Qaeda after 9/11, has won. Regardless of "collusion" or any other meaningless term or concept, we have a United States President who is literally afraid - AFRAID - to speak out against Russian actions because of self-interest and fear of his own situation.
Al Qaeda won by dividing us, not by killing us. Putin is winning by doing the same.
M.A.D. works so long as the people who can launch are rational actors.
Not just a careless or unhinged Trump or Putin: an unhinged or careless rank-and-file hacker and all hell breaks loose.
And not only a Russian one, in the event that anybody is naive enough not to know that the US is equally deeply embedded lurking in Russian cyber infrastructure.
The Trump administration is a failure. impossible to trust. They haven't earned anything except derision.
1
The United States should install its nuclear weapons in Poland, Ukraine and Taiwan.
Let's maybe stop relying on the internet and/or networked systems to control everything important to sustain safety and power in the country? Bicycles, sun dials, and carrier pigeons?
"Shame them" into stopping? Please.
The Russians are malevolent actors on the world stage and they harbor aggressive designs against the West - particularly us. Until we exact a price for their cyber attacks, Putin's minions will continue to launch more probes.
Why are Americans so supid when it comes to securing our properties through Internet security. Did we not invent the whole thing?
Lets face it folks, the russians are our enemy, not the poor or the immigrants, not women, the LGBTQ community, Mexico, Canada, Australia, the press, the constitution, the rule of law, the intelligence community, Mr. Mueller or our ALLIES.
At present, we have no leadership, no president, no congress to represent us. Why? Because russia wants it that way. We must not allow our enemies to destroy our country or that of our allies. Nothing short of Victory, should be tolerated. We must stand with family, friends, allies and defeat the "RED MENACE" by any means necessary. No matter what. This coming November Vote like your life depended on it, because it does.
If all these security researchers (government and corporate) can see the fingerprints after the fact, why can they not build security systems that are robust enough to prevent this in the first place?
If this has been going on for 18 months, why are we hearing about it now? What have the security researchers done during the last 18 months to make our infrastructure more secure?
1
Hope to get an explanation as to why they can’t be cleaned out of the computer systems. Or simply replace the systems. This is More urgent and important than most other military and infrastructure spending.
It's all well and good for the "White House" or "the Trump Administration" to acknowledge these attacks. But will Trump's own personal reality processors "save as" this as "news" or "FAKE NEWS"?
Tweety has never demonstrated any understanding that his primary responsibility is the safety and protection of the United States. Why is anyone surprised?
This is alarming! Let's build another aircraft carrier!
1
How about if you don't know this fact, you don't get to vote in November.
This vulnerability was years in the making. Like so much else, let us now take care of it right.
1
This is an act of war.
Trump is letting the USA attacked helplessly by the Russians.
This is a new front in the war of the internet age.
Trump the real estate businessman doesn't have any concept because this cyber war doesn't destroy his buildings and golf courses.
Trump voters should take notice.
This is tremendously worse than the attack on Pearl Harbor.
The "Hacks" on our Election System has changed the course of America into the 21st Century.
The results of these hacks has installed a Russian Puppet into our White House.
Huge World-Leading Movements and Laws to Protect our Environment have been tossed in favor of moving us back a century in energy production.
Many hundreds of Billions have been handed over to the wealthy who have no intention to filter ANY of it back into our society - and immensely increasing our debt in the process.
Our Bridges and Tunnels are Crumbling - Our rail system is actually the worst among industrialized nations in the world.
Our drinking water threatened by fracking and chemical spills.
Among the most fragile of our infrastructure is our electrical power grid.
Knowledge that the Russians (and the Chinese) are capable of interfering with it is outrageous.
On a planet where the wealth and information of the world travels via Fiber Optic Cables and Satellite transmissions -
We have a president who (and his deplorables) wants a wall along our Mexican border to curtail drugs and illegal aliens.
The professional members of our Border Patrol - see no need for a wall - "It's the 21st Century - they have surveillance drones and satellites - and the patrols are equipped with infrared scanners - the boarder has NEVER been safer -
A 3rd-World Military Parade in Washington will do NOTHING to curtail future cyber threats to our country !
1
another reason we need to redesign the electric grid into a system of thousands of micro-grids.
One doesn't need a fictional spaceship much less future to exercise the power of reason. A closed system (computer, communication, etc.) is safe. An open one, regardless of security and other precautions, is not.
The "internet" in its most global sense is glorious in many ways, but in many other ways, it is simply convenience, and Not Necessary.
Yet, reason is often ignored because profit is King.
Or is stupidity King? Hmm.
At what point will the thoroughly corrupt, greedy, and power-addicted GOTP conclude that yet another round of tax cuts for the plutocrat owners is not the answer? They are guilty of having deliberately starved aggressive upgrades to our entire national infrastructure, in order to buy the votes of their oligarch puppet masters, and in the process, have existentially threatened the entire nation. Not only must we vote every last one of them out, but we must demand that Congress focus upon this aggressive cyber warfare by hostile foreign powers - and immediately commence equally aggressive counter-measures which will help to safeguard our power, our water, and our electoral integrity. What does it take to shake these amoral thugs out of their craven torpor?
1
The same Putin who is the leader of a terrorist state hides his money and that if his oligarchical buddies in free world financial institutions.
It is past time to wipe that grin off his face when asked about using nerve agents to kill his enemies and freeze those accounts.
Hit them where it hurts -- in their pocketbooks.
1
Guess Romney was right in 2012 when he said Russia was the biggest threat to the west, and Obama and the NYTimes laughed at him. Hmmm.
Does this mean that the media is willing to follow without question Dems, esp. Obama? I don't know, but appears to be so.
Going forward, might we get a bit more objective and stay the course as Russia has never been transparent, Putin is KGB and a dictator that embraces no freedom for his people (or anyone else). No one likes war, or conflict (well, most don't), but now is the time and Russia, China, and NK are the targets.
It's called Hubris: the world wide web, for all its good intents and purposes, has opened our Democracy and freedoms to potential attack. Forget about Trump and his group of traitorous Deplorables. We need the best minds from Google, Amazon, Apple, Microsoft, Symantec and other security firms (excluding Kaspersky) to step up and defend America and the world from attack.
Seems pretty obvious that banking sanctions are what the Russians hate the most so why not deny them access to any Western financial institutions? Let the creepy mobsters lose all their money other than rubles and watch the internal mob war break out. And while the Russians toy with our infrastructure "the stable genius" stares out his giant TeeVee's to shop for his next group of cabinet members. GOP is wholly corrupted and even more inept
2
Oh my word- how I wish we had someone else at the helm of this ship.
1
Red warning lights are flashing. The Trump administration says, "How festive!"
2
There is a technology to implement in-depth security within any multiple computer system. An attacker can compromise an interface application but can only access a service on a hidden system computer according to administrator defined limitations. A password of the day can be implemented as part of a sign-on process that is protected by this in-depth security. An attacker might obtain or guess the current password of the day but will lose access when it changes.
A system implementer must learn that in-depth security is available. Policy and decision makers must be influenced to decide that in-depth security needs to be part of a cyber system. Find out more about this technology at SoftEcoSDK.com
The United States needs to seriously invest more time and money into re-evaluating the encryption and fortification of our infrastructure systems and databases. This should include voting systems, electrical systems, federal databases, water systems, financial databases, etc. Russia has revealed that there are flaws in our current systems. The U.S. has led and ushered-in the digital age. We are home to the world's largest tech companies and are producing some of the best minds through STEM and world renowned research institutions. Our government must take necessary steps to defend against such attacks as well as be prepared to go on the offensive if it calls for retaliation. There are no excuses.
152
This article mentions that the Wolf Creek nuclear plant, and that the hackers couldn't get into was because of a "network data diode" they have in place to be separate and secure form their business networks. Impossible for hackers to breech. This really is simple, and is being more and more implemented, but it takes time. Maybe this incident will accelerate it.
1
Yes. We must recognize our vulnerability to cyberattack and prepare now to defend against this very real possibility, which will take time, money, but most of all, political will.
For an important discussion of this topic see Ted Koppel's 2015 book, Lights Out (New York: Crown Publishers).
1
"Be prepared to go on the offensive". Are you so naïve as to think that the NSA hasn't been infiltrating the infrastructure systems of Russia and China and Iran and NKorea and any other country it deems the enemy of the day (and probably some friends, too)? I wouldn't be surprised if the Russians intentionally left their fingerprints behind to send the message that "Hey, we can play this game, too."
What frightens me more is the continual ratcheting up of the anti-Putin hysteria by the purportedly "liberal" lamestream media
The ability to remotely shut things down is bad, but recovery can be fairly easy. More worrisome, is the ability to induce flicker, toggling things on and off rapidly, causing wild fluctuations in the power grid; that will do permanent damage, and not easily repaired. Shutting down is merely a warning of the potential for much greater harm. We are all dependent on what is a much more fragile system than most people realize, and we are incredibly vulnerable. Any concerted attack would be devastating.
146
Recovery easy? Tell it to the Iranians, whose high-speed centrifuges we shredded.
I disagree that recovery can be fairly easy if things are shut down.
It would not take a large number of interruptions to shut down the entire power grid. Restarting that is decidedly non-trivial and the overall effect of a total blackout would be fantastically damaging in economic costs alone.
You make my point... that was not a shutdown.
As the NY Times editors comment today about the Trump administration exposing and confronting Russian malfeasance--finally! While necessary all along, the timing is intriguing, and the answer may be Mueller getting closer and closer.
1
The notion of proportional response is fine and necessary, though from my perspective I'm much more interested and feel more urgency to learn that owners of these systems are re-engineering them in order to close holes and isolate them, wherever possible, from networks.
Do our power plants have to be connected to the internet? We had power plants way before computers. Ian going to be running a portable generator at work today and I will run it without a computer attached to the internet. Amazing.
When will Congress face the fact that Putin had declared war on us and act accordingly?
Build a wall, a Firewall!
yeah, but what are we doing abroad ?
When is the best time to pull the plug on the US Power System? That would be Election Day. Watch for this Nov. surprize - no wonder the threat to our power systems has largely been ignored, it provides an excuse to call off or suspend elections until the threat abates (=indefinitely).
1
Yes, let’s throw a military parade. THAT’S what is important right now.
1
Instead of subjecting us to his daily reality show -- who's in and who's out at the White House version of The Apprentice -- Trump should be ordering the NSA to fry all the computers of Russian hackers, including the GRU and the troll farm in St. Petersburg; seizure of all assets belonging to Putin's oligarch pals, including their bank accounts, New York penthouses and Florida estates (some of which the Trump organization sold at inflated prices for laundered Russian mob money). And our top computer experts should be installing impenetrable computer defense at all our power plants and other vital grids.
1
The article says, "The United States is struggling to come up with proportionate responses", and that at the "Wolf Creek Nuclear Operating Corporation", the Russian hackers were not able to get into their nuclear plant controls from their business networks. The reason why is because their nuclear plant has the ultimate protection from Owl's network data diode, which is impossible to breach. Look up "Owl Cyber Defense". It allows us to all stop struggling with this problem. Really.
How about taking countermeasures to block this threat? Will Putin's "Useful Fool" be capable of defending the US against this sort of Russian aggression?
I guess it's time to think about installing a whole house generator, like the doomsday prepper living next to me, or maybe a move to California to live off the grid.
A party in full control ought to be able to do something constructive to fix this vulnerability. Alas, we are too focused on war making, political power plays and internal bickering to focus on this or anything else that requires a plan of action with milestones for accomplishment, regardless of consequences for failing to do so. To get anywhere on any significant matter in these times, the public must do what the high school students are doing on gun control - get out there and shout.
As long as the market keeps going up, racist drug laws are championed, and cops can keep shooting people with impunity, Trump's fans and supporters won't care.
We know that the Russians are responsible! They wormed their way into the power plant computers with malware and changed the operating system so that after a short period of time, the plants would fail and shutdown across America. RT had an interview with Putin, who claimed personal responsibility. Quote: "We have target of power system since nuclear is very important to Trump business interests. As Russians we have jealous of warm weather and blue sky and good seashore and small batch beer. So make power plant safety go away, so will Americans. Then Russians can come from Havana and get precious landscape for Oligarchs."
First it was Hillary's email and DNC server hack. Then it was their backing of Trump. Now we learn they are targeting our bridges. And a few days ago they tried to kill two ex-spies in England. What will they do next!? I fear we will have to be careful of tainted Starbucks coffee, exploding mattresses from Walmart, lamb chops from Costco and vodka from Stolichnaya! Nothing is safe from the Russians. Our only solution is to boost peacetime spending of military budgets and corporate investments in weaponry, new bombs and jets and subs and new uniforms and sharp pointy knives for our troops. And what about our cars? They can hack the electronics and make all the cars crash into each other during rush hour and create chaos across America! The Russians have landed in our computers and cell phones and twitter accounts! Nothing is safe! We have to fight back!
Mr. Trump and other fawning GOP folk, do you still believe Putin when he says he hasn't ordered hacks into our system? Wake up and give orders to be actively engaged in preventing hacks before it's too late.
Why exactly are the controls or critical infrastructure in power plants and fresh water infrastructure (which I would argue is more important @Midwest Josh seeing as we need clean drinking water to live) connected to the Internet?
1
You know, solar panels can’t explode.
Just another reason to move to solar power production....
Nicole Perlroth said on Rachel Maddow last night, that our power companies are privately owned, that many owners rely on simple, outdated software, and many are not cybersophisticated enough to even recognize the signs of being hacked. I'm sure they aren't fond of investing in updated anything.
This is disturbing. Clearly we need immediate, strict regulation if not nationalization of utilities. This age calls for centralization, coordination, cohesive strategy.
Why is it taxpayers cover insurance and, under the Nuclear Waste Policy Act of 1982, we also are responsible for waste. Only thing we don't get are the profits. This is unacceptable.
How nuclear power ever was acceptable to begin with is a mystery to me: "During the first 40 years that nuclear waste was being created in the United States, no legislation was enacted to manage its disposal. Nuclear waste, some of which remains radioactive with a half-life of more than one million years, was kept in various types of temporary storage." https://en.wikipedia.org/wiki/Nuclear_Waste_Policy_Act
There is still currently no permanent storage. A fact as frightening as Russian hacking.
Times, can you tell us who owns these plants? It's hard to determine. I just find things like this:
https://www.nrc.gov/docs/ML1626/ML16260A410.pdf
We have computer geniuses who invented foolish things like Twitter, Facebook, etc. We also had the knowledge / people to get a plumber into space to fix toilets on the space station. We have all these great minds & yet we can't protect our infrastructure. I realize money may be an issue - maybe Mr. Trump can give up some Mar-a-Lago trips or his vanity military parade to help this cause.
what have they already done that we have not properly identified? not to be alarmist but we have had a lot of train wrecks lately. testing, testing, testing......
President Obama said in 2015 or 2016, that the biggest threat the US faced in the coming years, was Cyber-warfare.
As usual, it turns out, he knew exactly what he was talking about.
But the GOP was more interested in obstructing and badmouthing him and portraying him as "weak", because he wasn't strutting about threatening people and bragging about himself. And then of course there was the fact that he was not white.
Far from being the tough guys they claim to be, their ideology has blinded them to the real threats faced by the US and made it infinitely more vulnerable.
Sarah Palin once sneered, referring to Obama, " We don't need a College Professor - we need a Commander-in-Chief" She also claimed to be able to "see" Russia from Alaska. Clearly this was literal, as everything is with her and the rest of her Party. Hopefully the US will not pay for this vision.
Voting machines must be easier to hack than nuclear power plants. No?
This President & the Congress have been derelict in defending the country against cyber attacks. It is beyond treason.
It doesn't matter. Our President is very unwilling to speak negatively about Russia. So are they blackmailing him with the dirt they have on him OR the threat to turn off the power OR a combination of both.
This is looking more and more like a movie adoption of a bad spy novel.
Putin is the most dangerous man in the world who has one objective and that is to divide Western democracies by undermining their elections , disrupting their industry and infrastructure . He sees this as his way of rebuilding the USSR and punishing the west for breaking it up in the first place.
He has the largest arsenal of nuclear weapons and he will use them if necessary.
The actions in the last week against Russia by the UK and the USA are laughable .
Churchill railed against Hitler , he was ignored as a crackpot, he was tragically right.
The EU , USA, Canada as a start must implement trade sanctions against Russia all minerals, aluminum , steel , agricultural products .
In addition NATO countries should with draw from the World Cup.
This will restrict Russia's financial ability to create mischief and wound the pride of the Russian people causing them to question the invincibility of Putin.
Trump boasts sanctions worked against North Korea most likely, so let's apply the same pressure to Putin . North Korea has threatened attacks, Russia has attacked.
Will that happen, of course not , Trump for one makes Chamberlain look like a hawk.
His failure to act meaningfully against Russia and protect our Union is a contradiction of his oath of Office .
Ryan and Mcconnel likewise.
1
Is this like Sputnik, and we are way behind the Russians? Or do we have these same capabilities? With regard to this sort of hacking, there needs to be the cyber equivalent of MAD.
Typical of what will be a private sector bailout by the Federal Government in order to protect "National Security". Just another form of corporate welfare so that they can keep the cost of services low and prop up the Republican message.
Meanwhile trump wants to execute drug dealers and go after MS13 instead of his buddy Putin.
Is there some reason we can't launch a cyber attack against Russia?
Gee,maybe we should do something about that.
The reason Trump is silent is he knows that he was punked.
Thanks Republicans for blocking every cybersecurity bill for 8 years!
And so Trump met with Putin and the smiles were fake from Putin and Putin must roll around on the floor laughing when he thinks about how he is making a "chump" of our President.
All part of that "nothing burger" about Russian hacking...
Must be that 400 lb guy in his mother's basement who trump thinks is the only kind of hacker in the world
Sanctions, condemning U.K. nerve agent incident and publicly accusing Russia of infiltrating our power systems
There goes that Seth Abramson-MSNBC-Louise Mensch blackmail-financially indebted to Russia conspiracy theory that an awful lot of hysterical people on these NYT comment boards bought into
1
We've been aware for years that cyber warfare was a distinct possibility and probability. we are very concerned about Russia. What about the technology transfers that have been made to China. Purchasing high-tech components from them is giving them an open door to our industrial and military base. Knowing that our industrial base is being attacked and has been attacked makes me wonder what steps have been taken to eliminate them in the future? Are we sure that no trojan horses have been left behind for future access or activation? What steps are being taken to force corporations who own and control our infrastructure to protect them from cyber attack?
110
Sounds ominous. Better build the wall higher. The stupid, stupid Mexican wall.
6
This has been common knowledge among hackers for some time. A Russian classmate with such connections told me "we (meaning the USA) are totally screwed" back in 2007.
1
And what we can do to Russia's infrastructure and power remains unknown to the public.
14
and so it should, my friend.
1
Sure hope our power suppliers aren't running their operating systems on windows 95.
16
Don't worry, many of them are on Windows XP.
-laughter ensues-
No, really
But don't be surprised if it's unpatched, sunsetted XP on many of those machines.
I was in a hospital to visit someone a few months ago and the nurses carts were using Windows XP.
But they're the President's friends. They wouldn't hurt us that way, would they?
29
For decades, the US media told us the evil Russians were only held back from pouring over the border and conquering Western Europe by the nuclear might of the US. The US public was told this every day, over and over, from all media sources. The TIMES did not protest this war fever. On the contrary, they were one if the main cheerleaders for Cold War One.
With the fall of the USSR, we now know that, just as the Soviets said, their military posture was purely defensive. The "Russian threat" was bogus.
So now we have Cold War Two. Daily we are reminded from all media sources to fear and hate the Russian Threat and the necessity for spending more and more on war and the military. Sorry but I've seen this movie before.
Readers should be sophisticated and realise that articles such as this one are just as much a part of the imperialist war effort as bombs dropping on Yemen.
8
Sophistication would actually suggest having a healthy wariness of the Russians. Ask many who grew up on countries adjacent to Russia.
While the US posture may have been as presented in Dr. Strangelove, don't forget the reality of Russian military conquest and domination in eastern Europe. Poles, Czekoslovakians, East Germans, and others had ample reason to resent and fear Russian power.
1
Nice try. Russia has changed under Putin. America under Trump. This is not the same movie.
Putin is positioning Russia to be the swing power between China and the U.S. It's a sad, sick, "zero-sum" mindset that sees one's own advance only at someone else's demise. In the U.S., we should marshal every resource and sensible instinct to avoid this trap.
8
While this appears to be a revelation, it actually is not. Anyone who watched the HBO special about the Suxnet virus knows that NSA and Israeli cyber engineers developed the virus that disabled the Iranian centrifuges and was capable of shutting down their entire electrical grid.
The authors of the documentary ended it by warning us that these viruses were now part of the cyber arsenals of several countries and portended a new and different kind of arms race.
And like any arms race, no sooner than a defense is created a new and more ingenious offensive weapon would be created. And the cycle will continue to spiral.
Rather than pursue the path of escalation through sanctions the proper way out of this is negotiations and if possible a treaty that as with nuclear weapons would at least limit and verify these new cyber weapons and at some point stand them down.
Some of the responses to this article think that force is the proper answer. But a cyber weapon is simply a set of codes and a computer. It can travel anywhere, with anyone and can be used at anytime. There is no completely secure system.
Nuclear weapons can destroy people and maybe the planet itself. But cyber weapons can destroy whole economies. With the world now linked into an interdependent global capitalist network it's time for both sides to talk, not react.
18
drspock--Not physical force, but cyber force. WE should be able to shut them down, at will.
But the question is why? Ultimately the Iran nuclear impasse was resolved through a treaty, not as a result of our cyber attack.
When either side thinks they have the right and the power to wield some super weapon, other sides discover their own super weapon.
As you put it WE shut them down, then they shut us down, then one side fires the first shot and before we know it someone pushes the button believing that the other side won't be able to push theirs. This approach was referred to as MAD (Mutual Assured Destruction) for good reason.
The most compelling reason this is very unlikely has noting to do with our ability to block cyberattacks and/or do the same thing to Russia. It is the simple fact that it would crash the entire global economy, either directly or because of the world-wide panic resulting from it. So, we are being kept safe from such attacks by the Russian oligarchs, and Putin himself, who have so much to lose financially. Of course, Russian oligarchs can't eliminate the possibility of such attacks by "non-state actors" as we euphemistically call such maniacs. In this case, we would need to ask Sean Connery, the best James Bond ever, to come out of retirement and terminate such villains with "extreme prejudice" as the CIA calls it.
3
The power companies have been warned about this for years. Their negligence is inexcusable.
10
You do not understand the problem. It is massive, and being worked on now, since we also have to redesign our communications and controls for renewables and distributed power.
Do not blame the power companies for Putin.
Like Donald Trump most of those congressmen making rules about what happens in cyberspace using the U.S.Government-designed internet know too little about the business they are in charge of regulating. This is the so-called "Free-Market" at work. Danger lurks around the corner and Emperor Donald and his Congressional claque are too busy playing Hail to the Chief to see the dangers.
10
Frankly, I'm less worried about Russia worming its way into our computerized infrastructure than I am about Russia worming its way into our halls of government, i.e., the GOP-controlled Congress and the Trump
Organization-controlled White House. One requires malicious acts by a foreign power, the other requires complicity by treasonous Americans. Which would you consider a more serious breach?
12
No need for intercontinental missiles if one can hit send on a keyboard and cause an American Chernobyl (or several in various states).
Energy policy is part of our security - Rick Perry is in charge. That is as frightening as DeVos in charge of Education, Zinke in charge of Interior, Pruitt in charge of the environment.
Russian meddling is a very serious threat, however it is not the greatest threat the nation is facing at the moment.
13
Will the U.S. need a military coup d'état? It's beginning to look like the Russians have invaded and taken control of not only our President and the Republican party, but our powerplants and other utilities. Who will protect us?
6
I hate to say it, but that would be an act of war. We would have no choice but to strike back.
1
nice idea, but if they've hacked into our nuclear arsenal (not unlikely) we won't be able to respond
Is this supposed to be a shock or surpise? I do not know why it should be. I hope our state, city and Federal governments are doing what needs to be done to protect us. What is New York City doing? What is the state doing? Please telI us? I have little faith in the federal government under Trump because I believe Trump is compromised, at the least, by Russia.
2
The next 9/11 will happen in cyberspace, and we are as unprepared now as we were then. And nothing is being done to prevent it.
3
I thought Trump and Putin were going to work together to create a Cyber Security council of some sort (as announced in the news last year)?
You mean, that was actually a terrible idea?
Who would have thought...
2
"the strikes accelerated in late 2015"
Wonder who was President then, and derelict in his duties.
5
Judging by most comments, apparently Trump was!
Remember, the Internet Of Things will render your home, your appliances, your possessions, just as vulnerable to digital attack as our power plants and other industrial infrastructure.
And don’t think a future destructive all-out cyber war can be avoided. It is an axiom that any weapon invented, is eventually used. Then the epitaph for Silicon Valley will be it created the means for our enemies to destroy us, out of greed, ignorance and complacency.
Individual workers are at the heart of good security. In an interconnected world carelessness by a single person can allow an adversary into an important network. Every worker has to be responsible and thoughtful.
"The White House says..." This is the president that denigrates the FBI and CIA are unreliable. Doesn't anyone else see this as smoke screen to take our attention away from Meuller's investigations and other problematic situations for Trump?
1
Don't forget that Trump considered working with Russia on cybersecurity in July of 2017. Why would he have considered that knowing about these cyber attacks from Russia? Was he not briefed on them by intelligence agencies? Was he not listening? The mind boggles.
https://www.washingtonpost.com/news/the-fix/wp/2017/07/09/trump-suggeste...
It is a symbol of ours sad times - and a symbol Russia and China must just adore - when you read comment after comment blaming Trump and the Republicans for it all. No real blame for Putin or Xi, no blame for eight lax years under Obama (who, of course, could never be at fault for anything), or our own weak kneed penchant for doing as little as possible about real threats to our national security and well being. No, we told, it;s always the fault of the US, we're the real threat to peace in the world, how dare we try to develop such tactics, etc.
We're doing this to ourselves and our enemies (you know, the enemies who were downplayed and scoffed, as in "the 1980's called and want their foreign policy back" crowd) are taking full advantage of it.
2
For cryin' in the beer, folks--enough with "well, we do it, too," as if that is supposed to excuse what the Russians are doing! You bet we do it, too, and if we hadn't been doing it, we'd have been long gone as an independent nation. That's not to excuse our having done those things which we ought not to have done--or our failure to do those things which we ought to have done, for that matter--but this, we need to do, for our very survival.
4