Russian Grid Hacking

Case Details

In the past decades, hacks against the power grid have transformed from the theoretical risk perspective to a real-world problem. On December, 23rd Dec, a significant power cut took place in Ivano-Frankivsk, A region of Western Ukraine leaving more than two thirty thousand residents to descend in darkness (Kshetri & Voas, 2017). The outage lasted lasts for more than five hours, but its effect was to resonate far longer. In 2017, the United States power companies was probed and infiltrated by the Russian Hackers, and the alarm was sounded by the security researchers (Sullivan & Kamensky, 2017). Evidence shows that the attackers had access to America’s utility control systems. Russia has hold record for its strong hacking allies such as NotPetya ransomware attacks conducted in 2017 leading to grid penetrations thus a sobering penetration (Mansfield-devine, 2018). The attack was so enormous that it compelled the US government to do a thorough investigation which revealed that the Russian state is fully involved in malicious actions. the US officials hinted about this for months before the Triumph of Trump as the president. It was during Trump’s reign that the acknowledgment was made public as the Russian government was linked to the NotPeya malware to Russia in February 2017 and then blamed Russia in March for the Grid Hacking (Harris, Lusted, 2017). Public acknowledgment enabled both the US government and other organi8zations to come up with strategies of curbing the attack. Human activists viewed the state’s involvement in hacking activities as scarier and recommended the application of the WIRED’s grid-hacking guide in gauging when one needs to freak out.

The two massive blackouts in Ukraine is shown to have been caused by the Russian cyber attacks. In 2015 and 2016, the grid hacking took place in a less dramatic form thus making Russia a continued probing of America’s critical infrastructure in an alarming note. The Russian actors are shown to take advantage of the existing loopholes in the US cybersecurity system even though America’s federal government wages war on the cyber-attack. In the CyberwarCom forum, on Wednesday, in Washington DC, specialist from the threat intelligence firm, FireEye noted that the US cybersecurity is highly defended and repellant to a full-scale cyber-attack. Russian attackers are consistently involved in cyber development with the primary aim of waging series of attacks on the American electrical grid. Alex Orleans, an analyst at then FireEye states that the system is continuously hit by the Russian team regardless of the control measures implemented (Sullivan et al., 2017).

The Russian attacker to the US electric grid is identified as Dragonfly 2.0, TEMP.Isotope or the Energetic Bear (Muller, Litoiu 7 Mylopoulos, 2016). The team applies the generic hacking techniques and tools formulated by other actors, thus a strategy known as “living off the land.” This criterion limits the time and development costs and makes it challenging to identify or trace the movements: the organization, TEMP.Isotope has also considered creating a system backdoor and applies the spear phishing as well as infected websites to compromise its targets. All the outsourced and developed tools are lined up against America’s grid methodologically and patiently.

The U.S security system lacks a competitive advantage here, and at the beginning of 2003, there was a massive blackout in the Northeastern and this attack targeted a utility formulated with the aim of defense and resilience referred as the North American Electric Reliability Corporation Critical Infrastructure Protection (Mansfiled-Devine, 2018). It concentrated on the protection of natural disasters and encouraged the need for best practices in cyber networks. Among the strategies implemented include data storage protections, strict access controls for both third parties and owners networks, network segmentation, and authentication. The plans are believed to harden electricity generation as well as transmission systems against cyber-attack. Later, it was realized that some segments were missing in the standards. Distribution entities which subcontract with larger firms in delivering power locally were missing adequate defenses and resources. It was therefore suspected that in the even attackers may meet challenges in their more formidable targets; they may opt to attack the other sectors not covered through continuous probing.

Recent research shows that TEM.Isotope’s main aim is not triggering large scale blackouts rather a traditional intelligence gathering. The team seeks to avail the knowledge that can be applied both to vet the U.S systems and expand the Russian energy. They indicate America’s weaknesses have a high potentiality in their attacks. FireEye analysts point out that the canvassing serves more subtly aggressive counterintelligence objectives. The threat activities from actors such as Isotope need a defensive action from the incident responders as well as the intelligence with the firm. The counterintelligence is aimed at frustrating the adversary. Utilities are the adversary for the active threat isotope, so wearing them down by creating anxiety, activity leaders to degradation.

Other researchers suggest that the control on cyber-crime should be based on confusion, discord, and fatigue as opposed to masterminding an all-out physical assault. Through the grid hacking, the American systems might not have reached at the climax as analysts suggest that consistent probing should only take place at the dramatic attacks. Other countries such as North Korea and Iran are shown to have taken advantage of the situation and began waging their attacks in the community security systems in the US. America’s government suspects and blames the Russian government for financing the allies and therefore responsible for keeping watch on the American Grid. But in reality, Russian are consistent attackers thus the need to uncover the techniques they employ in getting into the wires.

The attack is a result of conquest for monopoly and control. The U.S is presented as one of the World’s superpowers; thus any activity aimed at weakening their security system is much alarming. Cyber warfare has become one of the major world’s attacks which take place beyond sea routes, land, traditional air or the physical conflict. Cyber-attack has the benefit of being destructive, secretive and incredibly disruptive. Beyond power grids, the attackers can inflict massive damage to water and sewage treatment systems, transportation system and industrial chemical production plants. Access to control systems may enable hackers to shut down critical infrastructure and physical damage from explosions through flooding cities with sewage by reversing pumps and overloading power plants.

In my opinion, the U.S government ought to have applied the following criteria in ensuring theta they safeguard their security systems. Firstly, I will recommend patch applications and operating systems. System operators should be made ware on the popping messages and how to respond to them promptly. Research indicated that attacks use the vulnerabilities that are years old. Everyone should keep their operating system patch so that attackers would have fewer chances to deploy their code. Secondly, people should consider application whitelisting (Giraldo, Sarkar, Cardenas, Maniatakos & Kantarcioglu, 2017). Organizations should backlist applications which could easily leak their data outside the organization’s environment for instance; some organizations limit the use of Dropbox as this is likely to leak critical information to the public which is full of attackers. Home users should regularly review the applications in their computers to ascertain that they are the essential one. One should not respond to pop up a message on the screen when the computer is online as this may allow the installation of an attacker’s applications. It is evident that some programs in the computer can install other programs in the background which may help in corrupting the user’s source code (Fuchs, Kenney, Perina & VanDoom, 2017). Such applications are considered as malware and are therefore a nuisance. Such applications may open windows allowing the bad guys inside.

Thirdly, then organizations should restrict administration privileges. This ensures that the installation of programs might be limited to administration alone as opposed to the general users. This ensures that the computer is efficient and safe. Similarly, organizations should be encouraged to conduct network segmentation and segregation into the security zones and input validation to those organizations that use the web extensively. Other techniques I will recommend include file reputation and understanding the firewalls. The government should enlighten individuals working in organizations on various firewalls (Giraldo et al., 2017). Verizon or Comcast call for routers firewalls and should not be integrated to business or an enterprise level firewalls.

In conclusion, the Russian Grid attack was a consistent attack on American electric system by the Russian attackers. The attack led to a massive power outage in the U.S for over five hours. The attackers are believed to be financed by the Russian government. The attackers outsource their attacking tools so that they limit on time and cost needed in developing. Similarly, outsourcing the attacking software makes it challenging to trace their movements. The main aim of the attack is to cause incredible disruption and the need for control over others’ security system. American analysts suggest that the best way to cope up with the attackers is through frustration rather than the masterminding. I agree with their stance since masterminding the attackers may make them employ highly effective tools that may disrupt the entire system. I will, therefore, recommend the following techniques in safeguarding America’s security data and prevent the attackers from further actions. Among the techniques include understanding the application of various firewalls, restricting administrative privileges, network segmentation and segregation of the security zones, filing reputation, application whitelisting and patching applications and operating systems.



Fuchs, M. H., Kenney, C., Perina, A., & VanDoorn, F. (2017). Why Americans Should Care about Russian Hacking. Center for American Progress.

Giraldo, J., Sarkar, E., Cardenas, A. A., Maniatakos, M., & Kantarcioglu, M. (2017). Security and privacy in cyber-physical systems: A survey of surveys. IEEE Design & Test, 34(4), 7-17.

Harris, D., & Lusted, M. A. (2018). Russian Hacking in American Elections. Essential Library.

Kshetri, N., & Voas, J. (2017). Hacking power grids: a current problem. Computer, 50(12), 91-95.

Mansfield-Devine, S. (2018). Nation-state hacking–a threat to everyone. Computer Fraud & Security, 2018(8), 17-20.

Müller, H. A., Litoiu, M., & Mylopoulos, J. (2016). Engineering Cybersecurity into Cyber-Physical Systems.

Sullivan, J. E., & Kamensky, D. (2017). How cyber-attacks in Ukraine show the vulnerability of the US power grid. The Electricity Journal, 30(3), 30-35.


Do you need high quality Custom Essay Writing Services?

Custom Essay writing Service