Officials Confirm Russian Hackers Can Shut Down U.S. Power Plants At Will

State-sponsored Russian hackers currently possess the ability to shut down U.S. power plants should they so choose.

The hackers gained access to critical control systems at numerous unspecified power plants beginning in the spring of 2017, allowing them to disrupt the facilities’ operations at will, according to a Department of Homeland Security report released Thursday.

Moscow continues to enjoy access to the machines controlling the power plants and could theoretically disrupt their operations given the requisite level of Russo–American hostilities, multiple government officials and private security professionals confirmed to the New York Times Friday.

“We now have evidence they’re sitting on the machines, connected to industrial control infrastructure, that allow them to effectively turn the power off or effect sabotage,” said Eric Chien, a security technology director at Symantec, a digital security firm. “From what we can see, they were there. They have the ability to shut the power off. All that’s missing is some political motivation.”

DHS and the FBI first warned utilities companies of the emerging threat in June, roughly a year and a half after intelligence agencies first became aware that Russia had redoubled its efforts to infiltrate critical U.S. infrastructure.

The agencies first publicly disclosed the aggression in a Thursday statement that accompanied a new round of sanctions directed at Russian individuals and entities involved in election meddling and cyberattacks. Officials also issued a new and more dire warning to utilities companies, providing a screenshot — taken by a Russian operative — to demonstrate Russia’s ability to access critical controls.

While officials believe separate Russian hacking groups are responsible for the election meddling and cyberattacks, the attempts to penetrate critical U.S. infrastructure increased dramatically in conjunction with efforts to influence the 2016 presidential election, and surged once again roughly three months into President Donald Trump’s first term.