At the time I write this, stories from The Washington Post, USA Today (subsidiaries), and others are circulating around the web making the bold claim that the Left’s new boogeyman, Russia, is behind an attempt to compromise a power grid. Unfortunately, none of the sources perpetuating this lie have any evidence whatsoever to substantiate this claim.
This is where the so-called evidence starts and ends. The ‘smoking gun’ that Russia is the culprit is malware, found on a laptop not even connected to the aforementioned power grid, that has been ‘linked to Russia’. It’s just too bad that doesn’t prove anything.
Malware is like normal software in every respect other than function. Rather than performing a task that the user wants, it performs a task that the attacker wants, usually to the detriment of the user. Malware, like software, can be used by anyone with access to it.
As a result, the claim that the attack can be linked to anyone at all is silly. Do we really know that the Russian Government secretly developed this malware, and has kept it secret since deployment? Actually, the claim that the attack is state-sponsored at all is dubious. The Joint-Access Report (JAR) released by the FBI and Department of Homeland Security is responsible for the claim that the attack is state-sponsored.
Other than the fact that this claim has nothing backing it, the very same document provides a signature for the malware allegedly used by these RIS hackers:
This is just a simple rule that is used to search for malware on a compromised system, so that the attack can be analyzed after the fact. The key here is “PAS_TOOL_PHP_WEB_KIT”, which refers to a tool called ‘P.A.S’, which is freely available for download.
Which of course means the claim is total bunk. The fact that Russian hackers use a tool called PAS doesn’t mean that PAS is exclusively used by Russians.
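To make the point about signatures concrete, here is an added illustration (not part of the original post and not the JAR's rule) of how a string-and-condition signature of this kind is evaluated. The rule name, marker strings, size bounds and sample files are all constructed placeholders.

```python
import re
from dataclasses import dataclass


@dataclass(frozen=True)
class Signature:
    """YARA-style rule: every pattern must match and the size must be in range."""
    name: str
    patterns: tuple  # compiled bytes regexes; ALL must match
    min_size: int
    max_size: int

    def matches(self, data: bytes) -> bool:
        if not (self.min_size <= len(data) <= self.max_size):
            return False
        return all(p.search(data) for p in self.patterns)


# Constructed rule: placeholder name and markers, NOT the JAR's real signature.
EXAMPLE_RULE = Signature(
    name="EXAMPLE_WEB_KIT",
    patterns=(
        re.compile(rb"\A<\?php"),                        # file starts as PHP
        re.compile(rb"EXAMPLE_KIT_MARKER_[0-9a-f]{8}"),  # tool-specific marker
    ),
    min_size=32,
    max_size=4096,
)


def scan(files: dict, rules=(EXAMPLE_RULE,)) -> dict:
    """Return {path: [names of rules that matched]} for every file scanned."""
    return {path: [r.name for r in rules if r.matches(data)]
            for path, data in files.items()}


# Constructed evidence from two unrelated, hypothetical incidents.
SAMPLE_FILES = {
    "incident_a/upload.php": b"<?php /* EXAMPLE_KIT_MARKER_0a1b2c3d */ " + b"A" * 64,
    "incident_b/cache.php": b"<?php /* EXAMPLE_KIT_MARKER_deadbeef */ " + b"B" * 64,
    "incident_b/index.php": b"<?php echo 'hello'; ?>" + b" " * 64,
}

if __name__ == "__main__":
    for path, hits in scan(SAMPLE_FILES).items():
        print(f"{path}: {hits or 'no match'}")
```

Both incidents produce the same rule name because the same tool left the same byte patterns; the match result contains nothing about who deployed the file.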
Ultimately, this little slice of… err… ‘fake news’ is just more Russian sensationalism. The amount of evidence actually linking the ‘attack’ to Russia is about how much evidence you’d expect from a crappy conspiracy theory, not from a reputable news source. The fact that these stories ran at all, and the fact that their claims were initially more exaggerated (The Washington Post originally claimed that the power grid had actually been compromised) speaks volumes about the current state of mainstream journalism.
If this event warranted a story at all, the headline should have been at the very most “Attempted attack on power grid; Russian hackers possibly to blame”. And even that is going a little too far.