U.S.
Escalates Online Attacks on Russia’s Power Grid
WASHINGTON — The
United States is stepping up digital incursions into Russia’s electric power
grid in a warning to President Vladimir V. Putin and a demonstration of how the
Trump administration is using new authorities to deploy cybertools more
aggressively, current and former government officials said.
In interviews over
the past three months, the officials described the previously unreported
deployment of American computer code inside Russia’s grid and other targets as
a classified companion to more publicly discussed action directed at Moscow’s
disinformation and hacking units around the 2018 midterm elections.
Advocates of the
more aggressive strategy said it was long overdue, after years of public warnings from the Department of
Homeland Security and the F.B.I. that Russia has inserted
malware that could sabotage American power plants, oil and gas pipelines, or
water supplies in any future conflict with the United States.
But it also carries significant risk of escalating the daily digital Cold
War between Washington and Moscow.
The administration
declined to describe specific actions it was taking under the new authorities,
which were granted separately by the White House and Congress last year to
United States Cyber Command, the arm of the Pentagon that runs the military’s
offensive and defensive operations in the online world.
But in a public
appearance on Tuesday, President Trump’s national security adviser, John R.
Bolton, said the United States was now taking a broader view of potential
digital targets as part of an effort “to say to Russia, or anybody else that’s
engaged in cyberoperations against us, ‘You will pay a price.’”
Power grids have
been a low-intensity battleground for years.
Since at least
2012, current and former officials say, the United States has put
reconnaissance probes into the control systems of the Russian electric grid.
But now the American strategy has shifted more toward offense, officials
say, with the placement of potentially crippling malware inside the Russian
system at a depth and with an aggressiveness that had never been tried before.
It is intended partly as a warning, and partly to be poised to conduct cyberstrikes
if a major conflict broke out between Washington and Moscow.
The commander of United States Cyber Command, Gen. Paul M. Nakasone, has
been outspoken about the need to “defend forward” deep in an adversary’s
networks to demonstrate that the United States will respond to the barrage of
online attacks aimed at it.
“They don’t fear us,” he told the Senate a
year ago during his confirmation hearings.
But finding ways
to calibrate those responses so that they deter attacks without inciting a
dangerous escalation has been the source of constant debate.
Mr. Trump issued
new authorities to Cyber Command last summer, in a still-classified document
known as National Security Presidential Memoranda 13, giving General Nakasone
far more leeway to conduct offensive online operations without receiving
presidential approval.
But the action
inside the Russian electric grid appears to have been conducted under little-noticed
new legal authorities, slipped into the military authorization bill passed
by Congress last summer. The measure approved the routine conduct of “clandestine
military activity” in cyberspace, to “deter, safeguard or defend against
attacks or malicious cyberactivities against the United States.”
Under the law,
those actions can now be authorized by the defense secretary without special
presidential approval.
“It has gotten
far, far more aggressive over the past year,” one senior intelligence official
said, speaking on the condition of anonymity but declining to discuss any
specific classified programs. “We are doing things at a scale that we never
contemplated a few years ago.”
The critical question — impossible to know without access to the classified
details of the operation — is how deep into the Russian grid the United States
has bored. Only then will it be clear whether it would be possible to plunge
Russia into darkness or cripple its military — a question that may not be
answerable until the code is activated.
Both General
Nakasone and Mr. Bolton, through spokesmen, declined to answer questions about
the incursions into Russia’s grid. Officials at the National Security Council
also declined to comment but said they had no national security concerns about
the details of The New York Times’s reporting about the targeting of the
Russian grid, perhaps an indication that some of the intrusions were intended
to be noticed by the Russians.
Speaking on
Tuesday at a conference sponsored by The Wall Street Journal, Mr. Bolton said:
“We thought the response in cyberspace against electoral meddling was the
highest priority last year, and so that’s what we focused on. But we’re now
opening the aperture, broadening the areas we’re prepared to act in.”
He added, referring to nations targeted by American digital operations, “We
will impose costs on you until you get the point.”
Two administration
officials said they believed Mr. Trump had not been briefed in any detail about
the steps to place “implants” — software code that can be used for surveillance
or attack — inside the Russian grid.
Pentagon and
intelligence officials described broad hesitation to go into detail with Mr.
Trump about operations against Russia for concern over his reaction — and the
possibility that he might countermand it or discuss it with foreign officials,
as he did in 2017when he mentioned a
sensitive operation in Syria to the Russian foreign minister.
Because the new law defines the actions in cyberspace as akin to
traditional military activity on the ground, in the air or at sea, no such
briefing would be necessary, they added.
The intent of the
operations was described in different ways by several current and former
national security officials. Some called it “signaling” Russia, a sort of
digital shot across the bow. Others said the moves were intended to position
the United States to respond if Mr. Putin became more aggressive.
So far, there is
no evidence that the United States has actually turned off the power in any of
the efforts to establish what American officials call a “persistent presence”
inside Russian networks, just as the Russians have not turned off power in the
United States. But the placement of malicious code inside both systems revives
the question of whether a nation’s power grid — or other critical
infrastructure that keeps homes, factories, and hospitals running — constitutes
a legitimate target for online attack.
Already, such
attacks figure in the military plans of many nations. In a previous post,
General Nakasone had been deeply involved in designing an operation code-named Nitro Zeus that
amounted to a war plan to unplug Iran if the United States
entered into hostilities with the country.
How Mr. Putin’s
government is reacting to the more aggressive American posture described by Mr.
Bolton is still unclear.
“It’s 21st-century
gunboat diplomacy,” said Robert M. Chesney, a law professor at the University
of Texas, who has written extensively about the shifting legal basis for
digital operations. “We’re showing the adversary we can inflict serious costs
without actually doing much. We used to park ships within sight of the shore.
Now, perhaps, we get access to key systems like the electric grid.”
Russian intrusion on American infrastructure has been the background noise
of superpower competition for more than a decade.
Original link: https://www.nytimes.com/2019/06/15/us/politics/trump-cyber-russia-grid.html
Nessun commento:
Posta un commento