If it really were the case that Russian hackers had access to the rooms of a U.S. utility, what would be the proper response? Right now, the response to threats of cyber attacks has been a lot of tough talk and posturing. But an act of war would require a “proportional response.” That could become a difficult undertaking –especially since cyber threats are notorious for being very difficult to track to the original source actor. What happens, for example, if it is really the Chinese behind the attack on electrical utilities, but all accounts and IP addresses are spoofed to appear as if the attacks on utility networks were coming from Russia?
Russian election meddling and Russian power grid meddling
The issue of Russian hackers meddling in the U.S. power grid might not be such a big issue, of course, were it not for the current investigation of Special Counsel Robert Mueller into Russian election meddling and possible collusion with the Trump administration during the 2016 U.S. presidential election. That investigation recently added indictments of 12 Russian intelligence officers for their role in hacking emails and servers belonging to Hillary Clinton and the Democratic National Committee (DNC).
This investigation complicates any discussion of power grid meddling for two reasons. First of all, it encourages Democrats (and especially supporters of Hillary Clinton) to push the case that U.S. President Donald Trump is somehow a “Manchurian Candidate” under the control of the Russians. Why else, they claim, would he be turning a blind eye to current Russian hackers trying to access electric utilities and power plants?
And, secondly, continued stories of Russian hacking and meddling could back the Trump administration into a corner. In order to avoid appearing weak on Russia, they might have to escalate their own rhetoric and actions. One thing could lead to another, and a war that nobody wants could actually become a reality. What happens, for example, if hackers completely unrelated to Russia do manage to attack a power company and throw the wrong switch, resulting in an attack that claims hundreds of victims? The only possible response might be war.
Going forward, it is clear that cybersecurity is becoming an increasingly complex issue. Once purely an IT issue, it has now become a matter of national security. A few years ago, Russian hackers might have been content with merely seeing whether or not it was possible to hack into the U.S. power grid. Now that they have peered inside utility networks and understand how they work and what their vulnerabilities are, there may indeed be a clear and present danger to the U.S. power grid.