First Look: Treasury Department's sanctions on Russian sources for cyberattacks on US energy infrastructure

The Policy

What it does

Imposes financial sanctions on Russian individuals and entities for recent cyberattacks on critical US infrastructure, including electric utility companies and power plants. 

Synopsis

On March 15, 2018, the US Treasury issued sanctions against 19 individuals and 5 organizations linked by the US government to cyberattacks on critical US infrastructure, including energy infrastructure. The organizations and individuals are all Russian and believed to be working on behalf of the Russian state. The sanctions are designed to prevent the organizations and individuals from doing business with US companies, accessing the US financial system, or accessing property subject to US jurisdiction.

The alleged cyberattacks on US infrastructure, which have been occurring since at least March 2016, affected “organizations in the energy, nuclear, water, aviation, construction and critical manufacturing sectors,” according to a report from the Department of Homeland Security and the FBI. While the exact entities that were compromised remain unknown, there is speculation that the hackers penetrated the networks of power plant operators, potentially laying the ground work for sabotage.

As part of the US government’s response, the Department of Energy announced the formation of a new Office of Cybersecurity, Energy Security, and Emergency Response. The new office will “focus on energy infrastructure security, [and] support the expanded national security responsibilities assigned to the Department.” Some of these expanded national security responsibilities are those created by EO 13800 “Strengthening the Cybersecurity of Federal Networks and Critical Infrastructure.” The US energy grid’s vulnerability to cyberattacks such as these have also been mentioned in recent discussions on grid resilience and reliability.

Context