Russian hackers cyber attack on Baltic states alarm NATO
Shares
Suspected Russia-backed hackers have launched exploratory cyber attacks against the energy networks of the Baltic states, sources said, raising security concerns inside the West's main military alliance, NATO.
Lithuania, Latvia and Estonia, all members of NATO and the European Union, are on the political front line of tensions between the West and Moscow. The Baltics are locked into Russia's power network but plan to synchronize their grids with the EU.
Interviews with more than a dozen law-enforcement and private investigators, insiders and utility officials show hackers have quietly made incursions into Baltic networks over the past two years, in parallel with more serious attacks in Ukraine that plunged swathes of that country into darkness.
They say Russian state organizations are suspected of being behind the campaigns.
Reuters could not independently verify the sources' allegations.
At the end of 2015, hackers attacked an Internet gateway used to control a Baltic electricity grid, disrupting operations but not causing blackouts, a source familiar with the matter said. He declined to give details due to ongoing private investigations into the incident, which has not been previously reported.
The attack was a distributed denial of service (DDoS), where Internet gateways are bombarded with large amounts of data, a blunt but sometimes effective technique in an age when energy networks are being modernized with digital technology.
The source also said suspected Russia-backed hackers had targeted a Baltic petrol-distribution system at around the same time in an unsuccessful denial of service attack that aimed to cause widespread disruption in petrol deliveries.
The system coordinates deliveries from storage tanks to a network of petrol stations, the source added.
In a separate malware attack on another undisclosed Baltic grid, also around end-2015, hackers targeted network communication devices, serial-to-ethernet converters (STEC), which link sub-stations to central control, two other sources said. The attack did not cause service disruption, they added.
Though these three incidents date back 18 months or so, cyber security consultants are still investigating some of them. They say hackers can remain dormant and undetected inside systems. In Ukraine, hackers had infiltrated the grids there for about six months before the lights went out in December 2015, consultants said.
