Flexing cyber warfare muscle, Russia shows it can cause major disruptions

PBS NewsHour - Published on March 16, 2018

The Trump administration has accused Russia of a series of cyberattacks on American and European power plants, water facilities and electrical grids, dating back to 2015. Why target a country’s infrastructure? And what are the risks of such acts of cyberwarfare? John Yang talks to David Kennedy of TrustedSec.

Judy Woodruff:

Now the threat to the U.S. power grid and other vital infrastructure.

John Yang has more on newly revealed hacking attacks by Russia here at home.

John Yang:

Judy, the Trump administration has accused Russia of a series of cyber-attacks on American and European power plants, water facilities and electrical grids.

Officials say the intrusions began in 2015, and continued through last year. While the hackers had their fingers on the switches, so to speak, they apparently didn’t actually shut off power.

The FBI and other agencies tracked the hackers, and allege that Russian intelligence is responsible.

For more on these attacks and the wider cyber-battlefield, I’m joined by David Kennedy, the founder of TrustedSec, a tech security firm.

David, thanks so much for joining us.

Now, does this mean that they still have their fingers on those switches and can sort of wreak havoc at will?

David Kennedy:

Well, the energy grid and the water treatment facilities aren’t like one interconnected system.

So, throughout the United States, there’s a number of companies, and it’s a disjointed system. So the FBI is working with all of these different companies trying to find out what level of access they had to try to boot them out.

So, there still could be access into the systems. We don’t know how widespread this was. And the Department of Homeland Security didn’t really give all of the details. So, we don’t know if they’re still in the systems, but just we know that they were specifically targeting a large amount of our infrastructure, so that possibly in the event that there was a military conflict they could shut us down, a large percentage of our infrastructure.

John Yang:

So, this is in a way a threat or letting them — letting the United States know that they can do this if they wanted to?

David Kennedy:

Well, Russia is being extremely aggressive on a lot of different areas right now, and this is just one of them, and especially on the cyber-front.

But what nation-states typically try to do is have what we call military preparedness, where in the event that there’s some sort of military conflict — and Russia obviously sees Western allies as being a major threat — so, you know, our European allies, the United States, all as major threats towards Russian dominance, especially when it comes to its allies, Syria, Iran, etc.

And so, when it comes to that, Russia likes to have an upper hand when it comes to, you know, in the event there was a conflict between the United States and Russia, could, you know, Russia have a substantial amount of impact back here in the United States on causing major disruptions?

The financial — could it have a financial impact, where it could shut down our financial sector? Could it shut down our lights and our power? Could it stop water from flowing to our homes and cause water outages?

Those are all things that could cause a substantial amount of damage and pain here back in the United States, without even firing a missile. So those are things that Russia uses as far as capabilities to really try to cause a lot of hurt on the United States, in the event that something happens.

So those are, you know, capabilities that are now possible through cyber-methods that all nation-states are looking to develop, not just, you know, Russia. Iran is looking to develop them, North Korea, China.

You know, obviously, you know, nation-states aren’t necessarily, you know, good to the United States when it comes to relations. Those are all things that can happen when it comes to cyber-capabilities, not necessarily the most, you know, militarily advanced capabilities when it comes to the United States, when we have, you know, a lot of times the upper hand.

John Yang:

Well, David, you say that all nation-states are trying to do this. Is the United States developing this against other countries?

David Kennedy:

Absolutely.

In fact, there was a big leak that happened about a year ago from what was called the Equation Group, which was traced back to the National Security Agency, a group called TAO.

And during this period of time, a bunch of Russians actually stole a lot of code from the National Security Agency, their elite hacking group, and published this code out. And it detailed a lot of what the NSA was actually doing and a lot of operations that they used to infiltrate a lot of the different countries abroad.

It showed a lot of how they tracked, through the SWIFT network, which is the financial backbone of how they are tracking a lot of money laundering toward terrorist organizations and how they’re able to track terrorists throughout the world.

So we use these types of capabilities as well. So the United States absolutely has capabilities, cyber-capabilities, for launching these. And we do the exact same thing. We’re hacking into industrial control systems for manufacturing, for, you know, grids, for water treatment facilities. We’re doing the exact same things to other countries as military capabilities.

It’s kind of, we’re going to hack them, they’re going to hack us. It’s just — we just — we’re hoping that we don’t get discovered. They’re hoping they don’t get discovered. It’s a military fight right now for cyber-warfare.

John Yang:

So, cyber-warfare is going on?

David Kennedy:

All the time, every day.

As we speak, as we’re talking right now, there’s active hacks that are happening as we’re going on right now talking. We’re hacking into Russia. Russia’s hacking into us. Iran’s hacking into us. North Korea is hacking into us. We’re hacking into them.

It’s a massive battle that is occurring now. And it’s crazy to think about, because there’s no talk around what actually this means as far as ramifications. And think about it. If an accident accidentally happens, right, a slip-up occurs, and it shuts down half of our power grid by mistake, is that an act of war?

Does that constitute an act of war, and now we are going to start launching missiles at Russia? This is a very delicate situation. And a lot of these systems, you talk about the electric grid — these systems haven’t been updated probably in 30, 40, 50 years in some cases.

They’re super, super sensitive. Just by breathing on them the wrong way can shut them down. So, the mistakes are going to happen. There’s a possibility for loss of life. I mean, there’s a lot of ramifications that can happen for these types of activities. And we’re just seeing the tip of the iceberg happening right now.

John Yang:

David Kennedy on cyber-warfare, thanks so much for joining us.

David Kennedy:

Thanks for having me. Appreciate it.