Sputnik discussed the alleged Russian hackers’ attacks on the US electric grid with Kevin Curran, professor of Cyber Security School of Computing, Engineering and Intelligent Systems, Department of Computing, Engineering and the Built Environment at Ulster University.
Sputnik: In the case of hacking attacks is it possible to ever establish the location of hackers with 100% accuracy?
Kevin Curran: 100% accuracy is difficult. Really what we have is a digital crime and there is no physical footprint left. Tools are rendered empty but are developing; they are getting better, and again, the US would be one of the best in the business of being able to, the resources that they have in terms of cyber-forensics. It is difficult and now most security experts agree that you can attribute blame in cases where there’s been a large investigation, where resources have been thrown at it, but 100% is always very difficult, because again, what we have is a cyber crime, what we have is reliance on computers' IP addresses, which are unique identifiers, but things can be spoofed. You can do things to make it look like it was someone else, so you again, you can never be completely certain that you can attribute the source of an attack to a particular nation, or a particular hacking group, or a particular individual.
Sputnik: Can hackers hide their location while pretending to be from a different country? It seems like a basic question, I would’ve thought that is possible, but what’s a professional like yourself's point of you on that?
Kevin Curran: It is for most cases. What I would say is when it comes to nation-state attacks, all you have is the intelligence services actually would be monitoring and would have already got in link in to who they believe are carrying out attacks and in this case, of course, attribution is to the Dragonfly, this is the well-resourced Eastern European hacking group.
Sputnik: I suppose it’s not surprising really. According to the Wall Street Journal these attacks began back in 2015, why then in your view are these attacks being reported three years later, it’s obviously a large period of time that’s passed since then, isn't it?
Kevin Curran: It is indeed, they have released other ones in the past; they've let us know about attacks happening. The most famous one is the power grid attack, what we're talking about here is the energy companies and the power grids really. In Ukraine, in December 2015, there was an attack on their infrastructure and for six hours, during one of their coldest times ever, up to a quarter of a million houses were left without electricity. They grabbed the grid operators' control systems and took out 30 substations.
Sputnik: Some experts have pointed out the allegations come after the recent meeting between President Trump and President Putin in an attempt to stir up a further wave of Russophobia, have you go to point of view on that?
Kevin Curran: It’s possible, actually Trump himself, as I said earlier where most experts would agree that can attribute attribution, Trump himself said: 'Once they hack, if you don’t catch them in the act, then you’re not going to catch them again'. So there were a lot of people horrified that he said that. Trump himself has literally himself said that he doesn’t believe that you can attribute blame, but it’s hard to keep up with what Trump is saying against Russia and North Korea, and other countries really, really it's hard to keep up with Trump's statements.
The views expressed in this article are solely those of the speaker and do not necessarily reflect Sputnik’s official position.