“U.S. and Russia are trying to hack into each other’s electricity networks.

The US and Russia are accusing each other of hacking into the other’s electricity networks or trying to do so. According to the other, both countries are trying to inject malware, either directly or via state-sponsored hackers, into networks that can partially or completely shut down the other’s electricity network.

A report claims that Xenotime, the Russian group behind the attacks with Triton malware on oil and gas companies in the Middle East in 2017, is now investigating and trying to enter American electricity networks. The claim came according to Silicon Angle from security company Dragos, which states that since the end of 2018 the group has been penetrating the networks of electricity companies in the U.S. and in Asia.

“This behaviour may indicate that the group is preparing for a larger cyber attack, or at least is preparing for a future industrial, system-oriented intrusion,” says Dragos. Xenotime’s research comes in several forms, such as attacks that try to steal log-in data and network scans. All these attacks are designed to find a way to penetrate a system. If successful, Xenotime can inject malware that attacks ICS networks to bring the network down. This can also cause safety problems that have the potential to lead to injury and death.

Attacks from US

Meanwhile, The New York Times reports that the US is “intensifying digital attacks on the Russian electricity network, as a warning to President Putin and a demonstration of how the Trump government is using its new authorities to use cyber tools more aggressively”.

On the basis of anonymous current and former officials, the newspaper referred to the “previously unknown deployment of American code in Russia’s network and other targets”. The suggestion is that the US already successfully injected code into the Russian networks. It is unclear whether they are malware or espionage tools.