Russia a threat to US industrial control systems through cyber attacks
The Defense Intelligence Agency warned this month that Russian government hackers could penetrate U.S. industrial control networks using commercial security software.Can you trust the Russians not to exploit the software? Probably not despite the assurances of the company. Putin would not be Putin if he did not at least try to exploit the software.
The agency stated in a recent notice circulated within the Pentagon that security software being developed by Kaspersky Lab, a Russian-origin company, will create vulnerabilities for U.S. industrial control systems and so-called supervisory control and data acquisition software, or SCADA, systems, if purchased and deployed by American utilities.
A DIA spokesman declined to comment on the report.
Kaspersky Lab, in a statement, denied its security products could be used against U.S. infrastructure.
In a related development, two U.S. military commanders urged Defense Secretary Ash Carter earlier this month to do more to defend critical infrastructure from cyber attacks against industrial control systems.
“We respectfully request your assistance in providing focus and visibility on an emerging threat that we believe will have serious consequences on our ability to execute assigned missions if not addressed – cyber security of [Defense Department] critical infrastructure Industrial Control Systems,” Northern Command’s Adm. William Gortney and Pacific Command’s Adm. Harry Harris stated in a Feb. 11 letter to Carter.
On the potential Russian government exploitation of security software, defense officials familiar with the DIA report said the agency fears U.S. electrical and water utilities, as well as other critical industrial sectors, will purchase and use the Kaspersky security software.
The agency said the software could permit Russian government hackers, considered among the most advanced nation-state cyber spies, to gain access to industrial control software, specifically remote-controlled SCADA programs that run the electrical grid, oil and gas networks, water pipelines and dams, and wastewater systems.