In the most significant act taken to date by the Trump administration regarding Russia’s efforts to meddle in the 2016 presidential election, the White House announced a slew of new sanctions against Russian individuals and entities on Wednesday. The new sanctions address not only efforts to manipulate the American democratic process, however, but also a series of other malicious cyber attacks traced back to Russia in recent years.
Some of those attacks, according to official statements from multiple federal agencies, even successfully infiltrated America’s power grid.
“The Administration is confronting and countering malign Russian cyber activity, including their attempted interference in U.S. elections, destructive cyber-attacks, and intrusions targeting critical infrastructure,” said Treasury Secretary Steven T. Mnuchin in a release that accompanied the sanctions.
“These targeted sanctions are a part of a broader effort to address the ongoing nefarious attacks emanating from Russia. Treasury intends to impose additional CAATSA sanctions, informed by our intelligence community, to hold Russian government officials and oligarchs accountable for their destabilizing activities by severing their access to the U.S. financial system.”
Some have criticized the American president for failing to meet the Congress-mandated deadline for imposing these new sanctions on the Russian individuals and entities, including Moscow’s intelligence services, for their roles in attempting to interfere with the 2016 election that saw Trump elected. However, it is worth noting that these sanctions amount to the most significant punishment levied by the Trump administration yet on Putin’s Russian regime.
The announcement came with a significant disclosure as well: according to the Treasury, some of the new sanctions tie directly to a concerted Russian effort to hack into the United States energy grid. Gaining access to America’s electrical infrastructure could spell sure disaster for the U.S. if ever a conflict were to arise between Russia and the United States, as nationwide, or even regional, blackouts would not only throw the nation into turmoil but could also result in a massive loss of life.
The United States Government Computer Emergency Readiness Team released a laundry list of Russian efforts to infiltrate integral American infrastructure elements using cyber warfare tactics in conjunction with the new sanctions. According to the alert, the Russian efforts ranged from on-site and open-source reconnaissance to complex network-based efforts, but much of their success still came from e-mail manipulation and “phishing” efforts.
In order to gain access to important networks managing America’s infrastructure, Russian operatives, referred to in the alert as “threat actors,” used web address misdirection techniques to bring people to websites that looked like their normal e-mail login screen. Once victims supplied their usernames and passwords to the mock page, the threat actors were able to use those credentials to gain access to systems themselves, or to further pursue access via e-mail communications.
“The threat actors leveraged compromised credentials to access victims’ networks where multi-factor authentication was not used. To maintain persistence, the threat actors created local administrator accounts within staging targets and placed malicious files within intended targets,” the alert reads.
According to a statement from the Trump administration, Russians were successful at infiltrating parts of the energy sector, though they were stopped before any damage could be done.
“We were able to identify where they were located within those business systems and remove them from those business systems,” the official said, speaking on condition of anonymity.
The new sanctions, which target 19 Russian individuals and five groups, include the 16 Russians that were indicted by Special Counsel Robert Mueller as a part of his criminal investigation. While that investigation has received harsh criticisms from the Republican Party, the Trump administration’s decision to include those individuals in the sanctions could serve as a de facto acknowledgement that Russia did indeed work to manipulate the election process for their own gain. It’s important to note, however, that acknowledging the Russian effort, which Trump has done in the past, does not equate to any admission of collusion or involvement from Trump or his campaign.
The sanctions also target individuals working for the Russian intelligence services, the Federal Security Service (FSB), and the Main Intelligence Directorate (GRU).
Image courtesy of the Associated Press