Sanctions announcement reveals hacks of U.S. critical infrastructure

The Department of Homeland Security has previously reported on cyber intrusions into critical infrastructure but has only identified an “Advanced Persistent Threat” without pointing the finger at a suspected culprit. In a move surely coordinated with Treasury’s announcement, the DHS updated its alert to note the Russian attribution and describe a “multi-stage campaign” into energy sector networks that included collection of “information pertaining to Industrial Control Systems.”

Why it matters: This attribution reinforces the need to secure critical infrastructure and continues a series of actions that have picked up steam since Homeland Security Advisor Tom Bossert told an audience last June that the U.S. government would “call out bad behavior and impose costs on our adversaries.” These include removal of Kaspersky from U.S. government systems, special counsel indictments, naming-and-shaming of Russia for the NotPetya attacks and this week’s sanctions and attribution.

What's next: These moves aren’t yet enough to stop Russia’s bad behavior. But it’s hard to imagine matters ending here.

Kate Charlet is director of the Technology and International Affairs Program at the Carnegie Endowment for International Peace and a former acting deputy assistant secretary of defense for cyber policy.