*Except for possibly multiple successful hacks in 2017 and 2018. The Director of National Intelligence’s 2019 Worldwide Threat Assessment (based on intelligence gathered by the FBI and CIA) has this paragraph (p. 6):
Russia has the ability to execute cyber attacks in the United States that generate localized, temporary disruptive effects on critical infrastructure—such as disrupting an electrical distribution network for at least a few hours—similar to those demonstrated in Ukraine in 2015 and 2016. Moscow is mapping our critical infrastructure with the long-term goal of being able to cause substantial damage.
The undisputable implication of this statement is that Russian hackers penetrated the control centers of multiple electric utilities and planted malware that could cause an outage. When this report was released, many cyber professionals in or knowledgeable of the electric power industry believed this conclusion to be wrong. However, since no investigation was conducted at the time, six years later there is still no evidence that the FBI's and CIA’s statements in that report were wrong.
Pretty sad, isn’t it? You never can erase an asterisk from your record. Just ask Barry Bonds and Sammy Sosa.
Any opinions expressed in this blog post are strictly mine and are not necessarily shared by any of the clients of Tom Alrich LLC.
If you would like to comment on what you have read here, I would love to hear from you. Please email me at firstname.lastname@example.org.