Russian hackers compromised U.S. energy companies

The Biden administration has warned about Russian cyberattacks on American soil. In newly unsealed charges, the Justice Department released information about past cyberattacks that it claims the Russians launched.

“The Russians are a persistent threat,” Deputy Attorney General Lisa Monaco told Bill Whitaker in a report on 60 Minutes. “It is the same type of activity we warn about when it comes to Russia’s reaction to the international response to the Ukraine horrors.”

The Justice Department states that three Russian intelligence agents and their accomplices attacked the energy sector and hacked hundreds of organizations and companies around the globe. According to the indictment, Russian hackers were also able to hack into the Kansas nuclear power plant’s computer network.

Monaco stated that these attacks have occurred before, but Americans need to be ready for them. Monaco stated that Russian state actors are “scanning, probing and looking for opportunities, as well as looking for weakness in our systems, critical infrastructure, and on businesses.”

A DOJ investigation says that in the summer of 2017, Russian hackers attacked the safety system at an offshore oil refinery. This led to the plant’s shutdown. Investigators identified the plant as the Petro Rabigh complex of petrochemicals and refineries in Saudi Arabia.

Robert Lee, a former NSA hacker and cofounder of cybersecurity firm Dragos, investigated the attack. The malware the hackers installed, known as Triton, could have caused explosions or released harmful chemicals at the Saudi facility.

“This is the first cyberattack that was explicitly intended to kill humans in human history,” Lee stated. “It targets safety systems. These safety systems exist to protect people’s lives. It is not possible to harm people by going after this system.”

Lee believes that disaster was avoided because hackers committed a minor error in their software. He stated that the hackers didn’t actually cause the damage they wanted, such as an explosion which would kill many people. Instead, it shut down the facility.

Lee also investigated two cyberattacks against civilian infrastructure in Ukraine, widely regarded as the worst.

Lee says that Russian hackers, the GRU military intelligence agency, broke into the networks of three Ukrainian power companies and then waited before they launched their full-scale attack. Lee stated that they broke into the systems over the summer and got in position to learn how to use them. “And as a result, they disconnected over 60 substations across Ukraine and caused blackouts for around 225,000 customers in the dead of winter.”

A year later, Lee claims, GRU hackers returned with a more advanced attack: an automated piece of malware that could disable multiple transmission stations with a single keystroke.

“It was shocking to everyone because it had been speculated that this could be done. It’s feasible. This is something that people in my cybersecurity community have talked about for years. It’s a huge proof of your ability to do it. We also now know they are bold enough to make it happen.”

Lee suggested that the Russians might do the exact same thing here in America.

Lee claims that his cybersecurity firm has been tracking the GRU hacking team, known to researchers as “Sandworm”, probing U.S. power companies and installing malware over the past few years.
