The hacking group, Energetic Bear, is among Russia’s stealthiest. It appears to be casting a wide net to find useful targets ahead of the election, experts said.
![](https://static01.nyt.com/images/2020/10/23/us/politics/23dc-airport-hack/23dc-airport-hack-articleLarge.jpg?quality=75&auto=webp&disable=upscale)
The act itself did not worry them so much — officials anticipated that the Russians who interfered in the 2016 election would be back — but the actor did. The group, known to researchers as “Dragonfly” or “Energetic Bear” for its hackings of the energy sector, was not involved in 2016 election hacking. But it has in the past five years breached the power grid, water treatment facilities and even nuclear power plants, including one in Kansas.
It also hacked into Wi-Fi systems at San Francisco International Airport and at least two other West Coast airports in March in an apparent bid to find one unidentified traveler, a demonstration of the hackers’ power and resolve.
September’s intrusions marked the first time that researchers caught the group, a unit of Russia’s Federal Security Service, or F.S.B., targeting states and counties. The timing of the attacks so close to the election and the potential for disruption set off concern inside private security firms, law enforcement and intelligence agencies.
“One possible explanation is that they are calling in the real pros — the A Team — who is used to operating in this really sensitive critical infrastructure where you want to keep quiet until you don’t,” said Suzanne Spaulding, the former under secretary for cybersecurity and critical infrastructure at the Department of Homeland Security.
In 2016, Russian hackers from other groups were unusually noisy in their efforts to penetrate some state election databases. “You could argue they didn’t care about being quiet,” Ms. Spaulding said. But now that Russia has been called out and punished for interfering in the election, President Vladimir V. Putin “may want to keep this quiet until the circumstances are set for their use in information operations,” she added.
American officials described the hackings in an advisory on Thursday as “opportunistic,” rather than a clear attack on election infrastructure, but conceded the group had targeted dozens of state and local systems and stolen data from at least two targets’ servers.
“They’re broadly looking to scan for vulnerabilities and they’re working opportunistically,” said Christopher C. Krebs, the director of the Cybersecurity and Infrastructure Security Agency, which issued the warning along with the F.B.I.
That hardly reassured researchers who have tracked Energetic Bear for years. “This appears to be preparatory, to ensure access when they decide they need it,” said Adam Meyers, the head of threat intelligence at CrowdStrike, a security firm that has monitored the group.
Energetic Bear typically casts a wide net, then zeros in on a few high-value targets. In Germany and the United States, the group has infected websites popular in the energy sector, downloading malware onto the machines of anyone who visited the sites, then searching for employees with access to industrial systems.
In other attacks, it has hijacked the software updates for computers attached to industrial control systems. It has also blasted targets with phishing emails in search of employees, or co-workers, who might have access to critical systems at water, power and nuclear plants.
And it has done so with remarkable success. A disturbing screenshot in a 2018 Department of Homeland Security advisory showed the groups’ hackers with their fingers on the switches of the computers that controlled the industrial systems at a power plant.
The group has thus far stopped short of sabotage, but appears to be preparing for some future attack. The hackings so unnerved officials that starting in 2018, the United States Cyber Command, the arm of the Pentagon that conducts offensive cyberattacks, hit back with retaliatory strikes on the Russian grid.
Some called the counterattacks the digital era’s equivalent of mutually assured destruction. But any hope that American officials had that their strikes would deter Russia dissipated when the group started targeting American airports in March.
Officials at San Francisco International Airport discovered Russia’s state hackers had breached the online system that airport employees and travelers used to gain access to the airport’s Wi-Fi. The hackers injected code into two Wi-Fi portals that stole visitors’ user names, cracked their passwords and infected their laptops.
The attack began on March 17 and continued for nearly two weeks until it was shut down. By then, officials at two other airports discovered their Wi-Fi portals had also been compromised. Researchers would not name the other victims, citing nondisclosure agreements, but said they were on the West Coast.
As pervasive as the attacks could have been, researchers believe Russia’s hackers were interested only in one specific person traveling through the airports that day.
“Ostensibly, hundreds of thousands of people could have been compromised,” said Eric Chien, a cybersecurity director at Symantec, who examined the attack. “But only 10 were.”
Mr. Chien’s team discovered that the hackers were “fingerprinting” the machines of anyone who logged onto the Wi-Fi network in search of one older version of Microsoft’s Internet Explorer browser. If they found a match, the hackers infected those laptops. If the Wi-Fi visitors used any other browser, the hackers left them alone.
“From what we could see, they were going after a specific individual,” Mr. Chien said.
In the government alert on Thursday, officials said that the Russian group was again targeting aviation systems. It did not name the targets but did suggest in some technical language that one could have been the airport in Columbus, Ohio.
In a previous homeland security warning about the group, officials said it “targets low security and small networks to gain access and move laterally to networks of major, high-value asset owners within the energy sector.”
Security researchers warned that the spate of attacks on American state and local systems could mirror the trajectory of those attacks: Russia’s hackers using their foothold in seemingly random victims’ networks to mine for more interesting targets closer to the election on Nov. 3. They could take steps like pulling offline the databases that verify voters’ signatures on mail-in ballots, or given their particular expertise, shutting power to key precincts.
“The most disconcerting piece is that it demonstrates Russia’s intent and ability to target systems near and dear to us, but that shouldn’t surprise us,” said Frank Cilluffo, the director of Auburn University’s McCrary Institute for Cyber and Critical Infrastructure Security.
By deputizing the F.S.B.’s stealthiest infrastructure hackers to target state and local systems, some security experts believe Russia may be hedging its bets.
If, for example, Mr. Putin believes President Trump will be re-elected and wants to forge a better relationship with the United States, he may want to limit the degree to which Russia is seen as interfering.
Likewise, the experts said, if former Vice President Joseph R. Biden Jr., the Democratic nominee, is elected, Russia may try to use its foothold in the systems to weaken or delegitimize him, or it may hold back so as not to provoke the new administration.
“By doing this more quietly, you give yourself more options,” Ms. Spaulding said.
Wow, marvelous blog format! How long have you been running a
blog for? you made blogging glance easy. The whole glance of your site is magnificent, as neatly as the content material!
You can see similar here e-commerce
Howdy! Do you know if they make any plugins to help with Search Engine Optimization?
I’m trying to get my blog to rank for some targeted keywords
but I’m not seeing very good gains. If you
know of any please share. Thank you! You can read similar blog here: GSA Verified List
Your blog is a wealth of information. I always learn something new from your posts. This one was particularly enlightening. Great job!blogpulse
Hi! Do you know if they make any plugins to assist with
SEO? I’m trying to get my site to rank for
some targeted keywords but I’m not seeing very good gains.
If you know of any please share. Many thanks!
I saw similar article here: Where to escape room
You need to be a part of a contest for one of the finest blogs on the web. I most certainly will recommend this website!
I will right away take hold of your rss feed as I can not in finding your email subscription hyperlink or e-newsletter service. Do you’ve any? Kindly allow me understand in order that I may just subscribe. Thanks!
You should be a part of a contest for one of the greatest blogs on the web. I most certainly will highly recommend this blog!
Good blog you’ve got here.. It’s difficult to find excellent writing like yours these days. I seriously appreciate individuals like you! Take care!!
bookmarked!!, I really like your web site.
I’d like to thank you for the efforts you’ve put in penning this site. I really hope to view the same high-grade blog posts from you later on as well. In truth, your creative writing abilities has inspired me to get my own blog now 😉
Hey! Do you know if they make any plugins to assist with Search Engine
Optimization? I’m trying to get my blog to rank for some targeted keywords but
I’m not seeing very good success. If you know of any please share.
Thank you! You can read similar text here
Nice post. I learn something totally new and challenging on blogs I stumbleupon every day. It will always be helpful to read through articles from other authors and use something from other websites.
Nice post. I learn something new and challenging on sites I stumbleupon on a daily basis. It will always be useful to read through content from other writers and use a little something from their sites.
I love it when folks get together and share ideas. Great blog, continue the good work.
Good web site you have here.. It’s hard to find excellent writing like yours these days. I truly appreciate people like you! Take care!!
에볼루션 주식 게임
Excellent blog you have got here.. It’s difficult to find excellent writing like yours nowadays. I honestly appreciate individuals like you! Take care!!
I couldn’t refrain from commenting. Well written.
Very good post. I definitely appreciate this website. Stick with it!
I was excited to uncover this page. I need to to thank you for your time for this fantastic read!! I definitely enjoyed every bit of it and I have you bookmarked to look at new information in your web site.
Great site you have here.. It’s difficult to find excellent writing like yours these days. I really appreciate individuals like you! Take care!!
You’ve made this topic accessible to everyone.버팀목 대출
I’m sharing this with my colleagues right away.개인회생 대출
Your approach is refreshing.검색엔진최적화 전문가
I must thank you for the efforts you’ve put in writing this site. I’m hoping to see the same high-grade content by you later on as well. In fact, your creative writing abilities has inspired me to get my very own site now 😉
The next time I read a blog, Hopefully it doesn’t fail me as much as this particular one. I mean, Yes, it was my choice to read through, however I genuinely thought you’d have something interesting to talk about. All I hear is a bunch of moaning about something you could possibly fix if you weren’t too busy seeking attention.
Can I just say what a relief to uncover someone who genuinely knows what they’re discussing over the internet. You definitely know how to bring a problem to light and make it important. A lot more people need to look at this and understand this side of the story. I was surprised you’re not more popular since you most certainly possess the gift.
This is a topic which is near to my heart… Take care! Where can I find the contact details for questions?
https://artdaily.com/news/171650/Mp3Juice-Review–The-Pros-and-Cons-You-Need-to-Know
Oh my goodness! Impressive article dude! Thanks, However I am experiencing problems with your RSS. I don’t know why I can’t subscribe to it. Is there anybody having the same RSS problems? Anyone who knows the answer will you kindly respond? Thanx.
Having read this I thought it was really enlightening. I appreciate you taking the time and energy to put this information together. I once again find myself personally spending a significant amount of time both reading and commenting. But so what, it was still worth it!
After I initially left a comment I seem to have clicked on the -Notify me when new comments are added- checkbox and now whenever a comment is added I receive four emails with the same comment. There has to be a means you are able to remove me from that service? Kudos.
A motivating discussion is definitely worth comment. I do think that you should publish more about this topic, it may not be a taboo subject but usually people do not discuss such subjects. To the next! All the best.
Hi, I do think this is an excellent blog. I stumbledupon it 😉 I’m going to come back once again since i have book-marked it. Money and freedom is the best way to change, may you be rich and continue to guide others.
Saved as a favorite, I like your site.
Spot on with this write-up, I seriously believe that this website needs a great deal more attention. I’ll probably be returning to read through more, thanks for the info!
The very next time I read a blog, I hope that it does not fail me as much as this one. I mean, I know it was my choice to read through, but I genuinely believed you’d have something helpful to talk about. All I hear is a bunch of whining about something that you could fix if you weren’t too busy seeking attention.
This is a topic that’s close to my heart… Many thanks! Exactly where are your contact details though?
Pretty! This has been a really wonderful article. Thank you for supplying this information.
Oh my goodness! Impressive article dude! Thanks, However I am experiencing issues with your RSS. I don’t know the reason why I am unable to join it. Is there anyone else having the same RSS problems? Anybody who knows the answer will you kindly respond? Thanx.
Hi, I do believe this is an excellent site. I stumbledupon it 😉 I may revisit once again since I bookmarked it. Money and freedom is the best way to change, may you be rich and continue to help others.
Very nice blog post. I absolutely love this site. Continue the good work!
When I initially commented I appear to have clicked on the -Notify me when new comments are added- checkbox and now every time a comment is added I recieve four emails with the exact same comment. Is there an easy method you can remove me from that service? Thanks.
Your post has clarified a lot for me.구글 백링크
Good web site you have got here.. It’s hard to find quality writing like yours nowadays. I really appreciate people like you! Take care!!
I wanted to thank you for this excellent read!! I absolutely enjoyed every bit of it. I have got you book marked to check out new things you post…
I see this topic in a new light now.백링크 작업
Great article! We will be linking to this particularly great content on our site. Keep up the good writing.
Great site you have got here.. It’s hard to find excellent writing like yours these days. I truly appreciate individuals like you! Take care!!
Great article. I will be going through some of these issues as well..
It’s difficult to find well-informed people on this topic, but you seem like you know what you’re talking about! Thanks
A fascinating discussion is definitely worth comment. I do think that you ought to write more about this subject matter, it may not be a taboo subject but usually people do not speak about such subjects. To the next! All the best!
I really like it when folks get together and share ideas. Great site, stick with it!
Spot on with this write-up, I honestly feel this site needs much more attention. I’ll probably be returning to see more, thanks for the info.
This site was… how do you say it? Relevant!! Finally I have found something that helped me. Many thanks.
This is the right web site for anyone who really wants to find out about this topic. You understand so much its almost hard to argue with you (not that I actually would want to…HaHa). You definitely put a brand new spin on a subject which has been discussed for a long time. Wonderful stuff, just excellent.
This is a topic that’s near to my heart… Best wishes! Where are your contact details though?
Good post! We will be linking to this particularly great post on our website. Keep up the good writing.
Everything is very open with a really clear explanation of the challenges. It was really informative. Your site is very helpful. Many thanks for sharing!
You made some decent points there. I looked on the web for more info about the issue and found most individuals will go along with your views on this website.
I wanted to thank you for this excellent read!! I certainly enjoyed every bit of it. I’ve got you book-marked to check out new stuff you post…
Your style is so unique compared to other folks I have read stuff from. Thanks for posting when you have the opportunity, Guess I will just bookmark this site.
I blog quite often and I really appreciate your information. Your article has truly peaked my interest. I will book mark your blog and keep checking for new information about once a week. I subscribed to your Feed too.
When I initially commented I appear to have clicked on the -Notify me when new comments are added- checkbox and now every time a comment is added I receive four emails with the same comment. There has to be a means you can remove me from that service? Thanks a lot.
This website truly has all the information I needed about this subject and didn’t know who to ask.
Hello there! I could have sworn I’ve visited this blog before but after going through many of the posts I realized it’s new to me. Nonetheless, I’m definitely delighted I stumbled upon it and I’ll be bookmarking it and checking back often.
Hi there! This post couldn’t be written much better! Looking at this post reminds me of my previous roommate! He always kept talking about this. I will send this post to him. Fairly certain he’s going to have a very good read. Thanks for sharing!
I like looking through an article that will make people think. Also, thank you for allowing me to comment.
I enjoy reading an article that can make men and women think. Also, thank you for allowing me to comment.
I’d like to thank you for the efforts you have put in writing this site. I am hoping to view the same high-grade content by you in the future as well. In truth, your creative writing abilities has inspired me to get my very own blog now 😉
I quite like looking through a post that can make people think. Also, many thanks for allowing for me to comment.
Everything is very open with a precise clarification of the issues. It was really informative. Your site is very helpful. Thank you for sharing!
I wanted to thank you for this good read!! I absolutely enjoyed every bit of it. I have got you bookmarked to check out new stuff you post…