City of Medicine Hat Electric Utility Recognized for Health and Safety Excellence

Manitoba Hydro rate hikes face public hearings over electricity rates, utility bills, and debt, with impacts on low-income households, Indigenous communities, and Winnipeg services amid credit rating pressure and rising energy costs.

Key Points

Manitoba Hydro seeks 7.9% annual increases to stabilize finances and debt, impacting electricity costs for households.

✅ Proposed hikes: 7.9% yearly through 2023/24

✅ Driven by debt, credit rating declines, rising interest

✅ Disproportionate impact on low-income and Indigenous communities

Hearings began Monday into Manitoba Hydro’s request for consecutive annual rate hikes of 7.9 per cent.  The crown corporation is asking for the steep hikes to commence April 1, 2018.

The increases would continue through 2023/2024, under a multi-year rate plan before dropping to what Hydro calls “sustainable” levels.

Patti Ramage, legal counsel for Hydro, said while she understands no one welcomes the “exceptional” rate increases, the company is dealing with exceptional circumstances.

It’s the largest rate increase Hydro has ever asked for, though a scaled-back increase was discussed later, saying rising debt and declining credit ratings are affecting its financial stability.

President and CEO Kelvin Shepherd said Hydro is borrowing money to fund its interest payments, and acknowledged that isn’t an effective business model.

Hydro’s application states that it will be spending up to 63 per cent of its revenue on paying financial expenses if the current request for rate hikes is not approved.

If it does get the increase it wants, that number could shrink to 45 per cent – which Ramage says is still quite high, but preferable to the alternative.

She cited the need to take immediate action to fix Hydro’s finances instead of simply hoping for the best.

“The worst thing we can do is defer action… that’s why we need to get this right,” Ramage said.

A number of intervenors presented varying responses to Hydro’s push for increased rates, with many focusing on how the hikes would affect Manitobans with lower incomes.

Senwung Luk spoke on behalf of the Assembly of Manitoba Chiefs, and said the proposed rates would hit First Nations reserves particularly hard.

He noted that 44.2 per cent of housing on reserves in the province needs significant improvement, which means electricity use tends to be higher to compensate for the lower quality of infrastructure.

Luk says this problem is compounded by the higher rates of poverty in Indigenous populations, with 76 per cent of children on reserves in Manitoba living below the poverty line.

If the increase goes forward, he said the AMC hopes to see a reduced rate for those living on reserves, despite a recent appeal court ruling on such pricing.

Byron Williams, speaking on behalf of the Consumers Coalition, said the 7.9 per cent increase unreasonably favours the interests of Hydro, and is unjustly biased against virtually everyone else.

In Saskatchewan, the NDP criticized an SaskPower 8 per cent rate hike as unfair to customers, highlighting regional concerns.

Williams said customers using electric space heating would be more heavily targeted by the rate increase, facing an extra $13.14 a month as opposed to the $6.88 that would be tacked onto the bills of those not using electric space heating.

Williams also called Hydro’s financial forecasts unreliable, bringing the 7.9 per cent figure into question.

Lawyer George Orle, speaking for the Manitoba Keewatinowi Okimakanak, said the proposed rate hikes would “make a mockery” of the sacrifices made by First Nations across the province, given that so much of Hydro’s infrastructure is on Indigenous land.

The city of Winnipeg also spoke out against the jump, saying property taxes could rise or services could be cut if the hikes go ahead to compensate for increased, unsustainable electricity costs.

In British Columbia, a BC Hydro 3 per cent increase also moved forward, drawing attention to affordability.

A common theme at the hearing was that Hydro’s request was not backed by facts, and that it was heading towards fear-mongering.

Manitoba Hydro’s CEO begged to differ as he plead his case during the first hearing of a process that is expected to take 10 weeks.

Related News

• Electricity Forum News

• Energy Policy News

Crouching Yeti APT targets energy infrastructure with watering-hole attacks, compromising servers to steal credentials and stage intrusions; Kaspersky Lab links the Energetic Bear group to ICS threats across Russia, US, Europe, and Turkey.

Key Points

Crouching Yeti APT, aka Energetic Bear, is a threat group that targets energy firms using watering-hole attacks.

✅ Targets energy infrastructure via watering-hole compromises

✅ Uses open-source tools and backdoored sshd for persistence

✅ Scans global servers to stage intrusions and steal credentials

A hacker collective known for attacking industrial companies around the world have had some of their infrastructure identified by Russian security specialists.

Kaspersky Lab said that it has discovered a number of servers compromised by the group, belonging to different organisations based in Russia, the US, and Turkey, as well as European countries.

The Russian-speaking hackers, known as Crouching Yeti or Energetic Bear, mostly focus on energy facilities, as seen in reports of infiltration of the U.S. power grid targeting critical infrastructure, for the main purpose of stealing valuable data from victim systems.

Hacked servers

Crouching Yeti is described as an advanced persistent threat (APT) group that Kaspersky Lab has been tracking since 2010.

#google#

Kaspersky Lab said that the servers it has compromised are not just limited to industrial companies. The servers were hit in 2016 and 2017 with different intentions. Some were compromised to gain access to other resources or to be used as intermediaries to conduct attacks on other resources.

Others, including those hosting Russian websites, were used as watering holes.

It is a common tactic for Crouching Yeti to utilise watering hole attacks where the attackers inject websites with a link redirecting visitors to a malicious server.

“In the process of analysing infected servers, researchers identified numerous websites and servers used by organisations in Russia, US, Europe, Asia and Latin America that the attackers had scanned with various tools, possibly to find a server that could be used to establish a foothold for hosting the attackers’ tools and to subsequently develop an attack,” said the security specialists in a blog posting.

“The range of websites and servers that captured the attention of the intruders is extensive,” the firm said. “Kaspersky Lab researchers found that the attackers had scanned numerous websites of different types, including online stores and services, public organisations, NGOs, manufacturing, etc.

Kaspersky Lab said that the hackers used publicly available malicious tools, designed for analysing servers, and for seeking out and collecting information. The researchers also found a modified sshd file with a preinstalled backdoor. This was used to replace the original file and could be authorised with a ‘master password’.

“Crouching Yeti is a notorious Russian-speaking group that has been active for many years and is still successfully targeting industrial organisations through watering hole attacks, among other techniques,” explained Vladimir Dashchenko, head of vulnerability research group at Kaspersky Lab ICS CERT.

Russian government?

“Our findings show that the group compromised servers not only for establishing watering holes, but also for further scanning, and they actively used open-sourced tools that made it much harder to identify them afterwards,” he said.

“The group’s activities, such as initial data collection, the theft of authentication data, and the scanning of resources, are used to launch further attacks,” said Dashchenko. “The diversity of infected servers and scanned resources suggests the group may operate in the interests of the third parties.”

This may well tie into a similar conclusion from a rival security vendor.

In 2014 CrowdStrike claimed that the ‘Energetic Bear’ group was also tracked in Symantec's Dragonfly research and had been hacking foreign companies on behalf of the Russian state.

The security vendor had said the group had been carrying out attacks on foreign companies since 2012, with reports of breaches at U.S. power plants that underscored the campaign, and there was evidence that these operations were sanctioned by the Russian government.

Last month the United States for the first time publicly accused Russia in a condemnation of Russian grid hacking of attacks against the American power grid.

Symantec meanwhile warned last year of a resurgence in cyber attacks on European and US energy companies, including reports of access to U.S. utility control rooms that could result in widespread power outages.

And last July the UK’s National Cyber Security Centre (NCSC) acknowledged it was investigating a broad wave of attacks on companies in the British energy and manufacturing sectors.

Related News

• Electricity Forum News

• Grid Technologies News

Smart solar inverters anchor DER communications and control, meeting IEEE 1547 and California Rule 21 for volt/VAR, reactive power, and ride-through, expanding hosting capacity and enabling grid services via secure real-time telemetry and commands.

Key Points

Smart solar inverters use IEEE 1547, volt/VAR and reactive power to stabilize circuits and integrate DER safely.

✅ Meet IEEE 1547, Rule 21 ride-through and volt/VAR functions

✅ Support reactive power to manage voltage and hosting capacity

✅ Enable utility communications, telemetry, and grid services

Advanced solar inverters could be one of the biggest distributed energy resource communications and control points out there someday. With California now requiring at least early-stage “smart” capabilities from all new solar projects — and a standards road map for next-stage efforts like real-time communications and active controls — this future now has a template.

There are still a lot of unanswered questions about how smart inverters will be used.

That was the consensus at Intersolar this week, where experts discussed the latest developments on the U.S. smart solar inverter front. After years of pilot projects, multi-stakeholder technical working groups, and slow and steady standards development, solar smart inverters are finally starting to hit the market en masse — even if it’s not yet clear just what will be done with them once they’re installed.

“From the technical perspective, the standards are firm,” Roger Salas, distribution engineering manager for Southern California Edison, said. In September of last year, his utility started requiring that all new solar installations come with “Phase 1" advanced inverter functionality, as defined under the state’s Rule 21.

Later this month, it’s going to start requiring “reactive power priority” for these inverters, and in February 2019, it’s going to start requiring that inverters support the communications capabilities described in “Phase 2,” as well as some more advanced “Phase 3” capabilities.

Increasing hosting capacity: A win-win for solar and utilities

Each of these phases aligns with a different value proposition for smart inverters. The first phase is largely preventative, aimed at solving the kinds of problems that have forced costly upgrades to how inverters operate in solar-heavy Germany and Hawaii.

The key standard in question in the U.S. is IEEE 1547, which sets the rules for what grid-connected DERs must do to stay safe, such as trip offline when the grid goes down, or avoid overloading local transformers or circuits.

The old version of the standard, however, had a lot of restrictive rules on tripping off during relatively common voltage excursions, which could cause real problems on circuits with a lot of solar dropping off all at once.

Phase 1 implementation of IEEE 1547 is all about removing these barriers, Salas said. “They need to be stable, they need to be connected, they need to be able to support the grid.”

This should increase hosting capacity on circuits that would have otherwise been constrained by these unwelcome behaviors, he said.

Reactive power: Where utility and solar imperatives collide

The old versions of IEEE 1547 also didn’t provide rules for how inverters could use one of their more flexible capabilities: the ability to inject or absorb reactive power to mitigate voltage fluctuations, including those that may be caused by the PV itself. The new version opens up this capability, which could allow for an active application of reactive power to further increase hosting capacity, as well as solve other grid edge challenges for utilities.

But where utilities see opportunity, the solar industry sees a threat. Every unit of reactive power comes at the cost of a reduction in the real power output of solar inverters — and almost every solar installation out there is paid based on the real power it produces.

“If you’re tasked to do things that rob your energy sales, that will reduce compensation,” noted Ric O'Connell, executive director of the Oakland, Calif.-based GridLab. “And a lot of systems have third-party owners — the Sunruns, the Teslas — with growing Powerwall fleets — that have contracts, performance guarantees, and they want to get those financed. It’s harder to do that if there’s uncertainty in the future with curtailment."

“That’s the bottleneck right now,” said Daniel Munoz-Alvarez, a GTM Research grid edge analyst. “As we develop markets on the retail end for ...volt/VAR control to be compensated on the grid edge and that is compensated back to the customer, then the customer will be more willing to allow the utility to control their smart inverters or to allow some automation.”

But first, he said, “We need some agreed-upon functions.”

The future: Communications, controls and DER integration

The next stage of smart inverter functionality is establishing communications with the utility. After that, utilities will be able use them to monitor key DER data, or issue disconnect and reconnect commands in emergencies, as well as actively orchestrate other utility devices and systems through emerging virtual power plant strategies across their service areas.

This last area is where Salas sees the greatest opportunity to putting mass-market smart solar inverters to use. “If you want to maximize the DERs and what they can do, the need information from the grid. And DERs provide operational and capability information to the utility.”

Inverter makers have already been forced by California to enable the latest IEEE 1547 capabilities into their existing controls systems — but they are clearly embracing the role that their devices can play on the grid as well. Microinverter maker Enphase leveraged its work in Hawaii into a grid services business, seeking to provide data to utilities where they already had a significant number of installations. While Enphase has since scaled back dramatically, its main rival SolarEdge has taken up the same challenge, launching its own grid services arm earlier this summer.

Inverters have been technically capable of doing most of these things for a long time. But utilities and regulators have been waiting for the completion of IEEE 1547 to move forward decisively. Patrick Dalton, senior engineer for Xcel Energy, said his company’s utilities in Colorado and Minnesota are still several years away from mandating advanced inverter capabilities and are waiting for California’s energy transition example in order to choose a path forward.

In the meantime, it’s possible that Xcel's front-of-meter volt/VAR optimization investments in Colorado, including grid edge devices from startup Varentec, could solve many of the issues that have been addressed by smart inverter efforts in Hawaii and California, he noted.

The broader landscape for rolling out smart inverters for solar installations hasn’t changed much, with Hawaii and California still out ahead of the pack, while territories such as Puerto Rico microgrid rules evolve to support resilience. Arizona is the next most important state, with a high penetration of distributed solar, a contentious policy climate surrounding its proper treatment in future years, and a big smart inverter pilot from utility Arizona Public Service to inform stakeholders.

All told, eight separate smart inverter pilots are underway across eight states at present, according to GTM Research: Pacific Gas & Electric and San Diego Gas & Electric in California; APS and Salt River Project in Arizona; Hawaiian Electric in Hawaii; Duke Energy in North Carolina; Con Edison in New York; and a three-state pilot funded by the Department of Energy’s SunShot program and led by the Electric Power Research Institute.

Related News

• Electricity Forum News

• Grid Technologies News

Cambodia-CNNC Nuclear Energy MoU advances peaceful nuclear cooperation, human resources development, and Belt and Road ties, targeting energy security and applications in medicine, agriculture, and industry across ASEAN under IAEA-guided frameworks.

Key Points

A pact to expand peaceful nuclear tech and skills, boosting Cambodia's energy, healthcare under ASEAN and Belt and Road.

✅ Human resources development and training pipelines

✅ Peaceful nuclear applications in medicine, agriculture, industry

✅ Aligns with IAEA guidance, ASEAN links, Belt and Road goals

Cambodia has signed a memorandum of understanding with China National Nuclear Corporation (CNNC) on cooperation in the peaceful use of nuclear energy. The agreement calls for cooperation on human resources development.

The agreement was signed yesterday by CNNC chief accountant Li Jize and Tekreth Samrach, Cambodia's secretary of state of the Office of the Council of Ministers and vice chairman of the Cambodian Commission on Sustainable Development. It was signed during the 14th China-ASEAN Expo and China-ASEAN Business and Investment Summit, being held in Nanning, the capital of China's Guangxi province.

The signing was witnessed by Cambodia's minister of commerce and other government officials, CNNC said.

"This is another important initiative of China National Nuclear Corporation in implementing the 'One Belt, One Road' strategy as China's nuclear program continues to advance and strengthening cooperation with ASEAN countries in international production capacity, laying a solid foundation for follow-up cooperation between the two countries," CNNC said.

One Belt, One Road is China's project to link trade in about 60 Asian and European countries along a new Silk Road, even as Romania ended talks with a Chinese partner in a separate nuclear project.

CNNC noted that Cambodia's current power supply cannot meet its basic electricity needs, while sectors including medicine, agriculture and industry require a "comprehensive upgrade". It said Cambodia has great market potential for nuclear power and nuclear technology applications.

On 14 August, CNNC vice president Wang Jinfeng met with Tin Ponlok, secretary general of Cambodia's National Council for Sustainable Development, to consult on the draft MOU. Cambodia's Ministry of Environment said these discussions focused on human resources in nuclear power for industrial development and environmental protection.

In late August, CNNC president Qian Zhimin visited Cambodia and met Say Chhum, president of the Senate of Cambodia. Qian noted that CNNC will support Cambodia in applying nuclear technologies in industry, agriculture and medical science, thus developing its economy and improving the welfare of the population. Cambodia can start training workers, promoting new energy exploitation as India's nuclear revival progresses in Asia, and infrastructure construction, and increasing its capabilities in scientific research and industrial manufacturing, he said. This will help the country achieve its long-term goal of the peaceful use of nuclear energy, he added.

In November 2015, Russian state nuclear corporation Rosatom signed a nuclear cooperation agreement with Cambodia, focused on a possible research reactor, but with consideration of nuclear power, while KHNP in Bulgaria illustrates parallel developments in Europe. A further cooperation agreement was signed in March 2016, and in May Rosatom and the National Council for Sustainable Development signed memoranda to establish a nuclear energy information centre in Cambodia and set up a joint working group on the peaceful uses of atomic energy.

In mid-2016, Cambodia's Ministry of Industry, Mines and Energy held discussions with CNNC on building a nuclear power plant and establishing the regulatory and legal infrastructure for that, in collaboration with the International Atomic Energy Agency, mirroring IAEA assistance in Bangladesh on nuclear development.

Related News

• Electricity Forum News

• Power Generation News

Site C Dam Electricity Demand underscores B.C.'s decarbonization path, enabling electrification of EVs, heat pumps, and industry, aligning with BC Hydro forecasts and 2030/2050 GHG targets to supply dependable, renewable baseload power.

Key Points

Projected clean power tied to Site C, driven by B.C. electrification to meet 2030 and 2050 greenhouse gas targets.

✅ Aligns with 25-30% by 2030 and 55-70% by 2050 GHG cuts

✅ Supports EVs, heat pumps, and industrial electrification

✅ Provides dependable baseload alongside efficiency gains

There are valid reasons not to build the Site C dam. There are also valid reasons to build it. One of the latter is the rapid increase in clean electricity needed to reduce B.C.’s greenhouse gas emissions from burning natural gas, gasoline, diesel and other harmful fossil fuel products.

Although former Premier Christy Clark casually avoided near-term emissions targets, Prime Minister Justin Trudeau has set Canadian targets for both 2030 and 2050, and cleaning up Canada's electricity is critical to meeting them. Studies by my research group at Simon Fraser University and other independent analysts show that B.C.’s cost-effective contribution to these national targets requires us to reduce our emissions 25 to 30 per cent by 2030 and 55 to 70 per cent by 2050 — an energy evolution involving, among other things, a much greater use of electricity in buildings, vehicles and industry.

Recent submissions to the Site C hearing have offered widely different estimates of B.C.’s electricity demand in the decade after the project’s completion in 2025, some arguing the dam’s output will be completely surplus to domestic need for years and perhaps decades, even though improved B.C.-Alberta grid links could help balance regional demand. Some of this variation in demand forecasts is understandable. Industrial demand is especially difficult to predict, dependent as it is on global economic conditions and shifting trade relations. And there are legitimate uncertainties about B.C. Hydro’s ability to reduce electricity demand by promoting efficient products and behaviour through its Power Smart program. But some of the forecasts appear to be deliberate exaggerations, designed to support fixed positions for or against Site C.

Our university-based research team models the energy system changes required to meet national and provincial emissions targets, and we have been comparing estimates of the electricity demand implications. These estimates are produced by academics, as well as by key institutions like B.C. Hydro, the National Energy Board, and the governments of Canada and B.C.

Most electricity forecasts for B.C., including the most recent by B.C. Hydro, do not assume that B.C. reduces its greenhouse gas emissions by 25 to 30 per cent by 2030 and 55 to 70 per cent by 2050. When we adjust Hydro’s forecast for just the low end of these targets, we find that in its latest, August 30, submission to the Site C hearing, which followed the premier’s over-budget go-ahead on the project, Hydro has underestimated the demand for its electricity by about three terawatt-hours in 2025, four in 2030 and 10 in 2035. Hydro’s forecast indicates that it will need the five terawatt-hours from Site C. Our research shows that even if Hydro’s demand forecast is too high, appropriate climate policy nationally and in B.C. will absorb all the electricity the dam can produce soon after its completion.

B.C. Hydro does not forecast electricity demand to 2050. But, studies by us and others show that B.C. electricity demand will be almost double today’s levels if we are to reduce emissions by 55 to 70 per cent, even amid a documented risk of missing the 2050 target, in just over three decades while our population, economy, buildings and equipment grow significantly. Most mid- and small-sized vehicles will be electric. Most buildings will be well insulated and heated by electric resistance or electric heat-pumps, either individually or via district heating systems. And many low temperature industrial applications will be electric.

Aggressive efforts to promote energy efficiency will make an important contribution, such that energy demand will not grow nearly as fast as the economy. But it is delusional to think that humans will stop using energy. Even climate policy scenarios in which we assume unprecedented success with energy efficiency show dramatic increases in the consumption of electricity, this being the most favoured zero-emission form of energy as a replacement for planet-destroying gasoline and natural gas.

The completion of the Site C dam is a complicated and challenging societal choice, and delay-related cost risks highlighted by the premier underscore the stakes. There is unbiased evidence and argument supporting either completion or cancellation. But let’s stick to the unbiased evidence. In the case of our 2030 and 2050 greenhouse gas reduction targets, such evidence shows that we must substantially increase our generation of dependable electricity. If the Site C dam is built, and if we are true to our climate goals, all its electricity will be used in B.C. soon after completion.

Mark Jaccard is a professor of sustainable energy in the School of Resource and Environmental Management at Simon Fraser University.

Related News

• Electricity Forum News

• Climate Change News

Russian Cyberattacks on U.S. Critical Infrastructure target energy grids, nuclear plants, water systems, and aviation, DHS and FBI warn, using spear phishing, malware, and ICS/SCADA intrusion to gain footholds for potential sabotage and disruption.

Key Points

State-backed hacks targeting U.S. energy, nuclear, water and aviation via phishing and ICS access for sabotage.

✅ DHS and FBI detail multi-stage intrusion since 2016

✅ Targets include energy, nuclear, water, aviation, manufacturing

✅ TTPs: spear phishing, lateral movement, ICS reconnaissance

Russia is attacking the U.S. energy grid, with reported power plant breaches unfolding alongside attacks on nuclear facilities, water processing plants, aviation systems, and other critical infrastructure that millions of Americans rely on, according to a new joint analysis by the FBI and the Department of Homeland Security.

In an unprecedented alert, the US Department of Homeland Security (DHS) and FBI have warned of persistent attacks by Russian government hackers on critical US government sectors, including energy, nuclear, commercial facilities, water, aviation and manufacturing.

The alert details numerous attempts extending back to March 2016 when Russian cyber operatives targeted US government and infrastructure.

The DHS and FBI said: “DHS and FBI characterise this activity as a multi-stage intrusion campaign by Russian government cyber-actors who targeted small commercial facilities’ networks, where they staged malware, conducted spear phishing and gained remote access into energy sector networks.

“After obtaining access, the Russian government cyber-actors conducted network reconnaissance, moved laterally and collected information pertaining to industrial control systems.”

The Trump administration has accused Russia of engineering a series of cyberattacks that targeted American and European nuclear power plants and water and electric systems, and could have sabotaged or shut power plants off at will.

#google#

United States officials and private security firms saw the attacks as a signal by Moscow that it could disrupt the West’s critical facilities in the event of a conflict.

They said the strikes accelerated in late 2015, at the same time the Russian interference in the American election was underway. The attackers had compromised some operators in North America and Europe by spring 2017, after President Trump was inaugurated.

In the following months, according to the DHS/FBI report, Russian hackers made their way to machines with access to utility control rooms and critical control systems at power plants that were not identified. The hackers never went so far as to sabotage or shut down the computer systems that guide the operations of the plants.

Still, new computer screenshots released by the Department of Homeland Security have made clear that Russian state hackers had the foothold they would have needed to manipulate or shut down power plants.

“We now have evidence they’re sitting on the machines, connected to industrial control infrastructure, that allow them to effectively turn the power off or effect sabotage,” said Eric Chien, a security technology director at Symantec, a digital security firm.

“From what we can see, they were there. They have the ability to shut the power off. All that’s missing is some political motivation,” Mr. Chien said.

American intelligence agencies were aware of the attacks for the past year and a half, and the Department of Homeland Security and the F.B.I. first issued urgent warnings to utility companies in June, 2017. Both DHS/FBI have now offered new details as the Trump administration imposed sanctions against Russian individuals and organizations it accused of election meddling and “malicious cyberattacks.”

It was the first time the administration officially named Russia as the perpetrator of the assaults. And it marked the third time in recent months that the White House, departing from its usual reluctance to publicly reveal intelligence, blamed foreign government forces for attacks on infrastructure in the United States.

In December, the White House said North Korea had carried out the so-called WannaCry attack that in May paralyzed the British health system and placed ransomware in computers in schools, businesses and homes across the world. Last month, it accused Russia of being behind the NotPetya attack against Ukraine last June, the largest in a series of cyberattacks on Ukraine to date, paralyzing the country’s government agencies and financial systems.

But the penalties have been light. So far, President Trump has said little to nothing about the Russian role in those attacks.

The groups that conducted the energy attacks, which are linked to Russian intelligence agencies, appear to be different from the two hacking groups that were involved in the election interference.

That would suggest that at least three separate Russian cyberoperations were underway simultaneously. One focused on stealing documents from the Democratic National Committee and other political groups. Another, by a St. Petersburg “troll farm” known as the Internet Research Agency, used social media to sow discord and division. A third effort sought to burrow into the infrastructure of American and European nations.

For years, American intelligence officials tracked a number of Russian state-sponsored hacking units as they successfully penetrated the computer networks of critical infrastructure operators across North America and Europe, including in Ukraine.

Some of the units worked inside Russia’s Federal Security Service, the K.G.B. successor known by its Russian acronym, F.S.B.; others were embedded in the Russian military intelligence agency, known as the G.R.U. Still others were made up of Russian contractors working at the behest of Moscow.

Russian cyberattacks surged last year, starting three months after Mr. Trump took office.

American officials and private cybersecurity experts uncovered a series of Russian attacks aimed at the energy, water and aviation sectors and critical manufacturing, including nuclear plants, in the United States and Europe. In its urgent report in June, the Department of Homeland Security and the F.B.I. notified operators about the attacks but stopped short of identifying Russia as the culprit.

By then, Russian spies had compromised the business networks of several American energy, water and nuclear plants, mapping out their corporate structures and computer networks.

They included that of the Wolf Creek Nuclear Operating Corporation, which runs a nuclear plant near Burlington, Kan. But in that case, and those of other nuclear operators, Russian hackers had not leapt from the company’s business networks into the nuclear plant controls.

Forensic analysis suggested that Russian spies were looking for inroads — although it was not clear whether the goal was to conduct espionage or sabotage, or to trigger an explosion of some kind.

In a report made public in October, Symantec noted that a Russian hacking unit “appears to be interested in both learning how energy facilities operate and also gaining access to operational systems themselves, to the extent that the group now potentially has the ability to sabotage or gain control of these systems should it decide to do so.”

The United States sometimes does the same thing. It bored deeply into Iran’s infrastructure before the 2015 nuclear accord, placing digital “implants” in systems that would enable it to bring down power grids, command-and-control systems and other infrastructure in case a conflict broke out. The operation was code-named “Nitro Zeus,” and its revelation made clear that getting into the critical infrastructure of adversaries is now a standard element of preparing for possible conflict.

Reconstructed screenshot fragments of a Human Machine Interface that the threat actors accessed, according to DHS

Sanctions Announced

The US treasury department has imposed sanctions on 19 Russian people and five groups, including Moscow’s intelligence services, for meddling in the US 2016 presidential election and other malicious cyberattacks.

Russia, for its part, has vowed to retaliate against the new sanctions.

The new sanctions focus on five Russian groups, including the Russian Federal Security Service, the country’s military intelligence apparatus, and the digital propaganda outfit called the Internet Research Agency, as well as 19 people, some of them named in the indictment related to election meddling released by special counsel Robert Mueller last month.

In announcing the sanctions, which will generally ban U.S. people and financial institutions from doing business with those people and groups, the Treasury Department pointed to alleged Russian election meddling, involvement in the infrastructure hacks, and the NotPetya malware, which the Treasury Department called “the most destructive and costly cyberattack in history.”

The new sanctions come amid ongoing criticism of the Trump administration’s reluctance to punish Russia for cyber and election meddling. Sen. Mark Warner (D-Va.) said that, ahead of the 2018 mid-term elections, the administration’s decision was long overdue but not enough. “Nearly all of the entities and individuals who were sanctioned today were either previously under sanction during the Obama Administration, or had already been charged with federal crimes by the Special Counsel,” Warner said.

Warning: The Russians Are Coming

In an updated warning to utility companies, DHS/FBI officials included a screenshot taken by Russian operatives that proved they could now gain access to their victims’ critical controls, prompting a renewed focus on protecting the U.S. power grid among operators.

American officials and security firms, including Symantec and CrowdStrike, believe that Russian attacks on the Ukrainian power grid in 2015 and 2016 that left more than 200,000 citizens there in the dark are an ominous sign of what the Russian cyberstrikes may portend in the United States and Europe in the event of escalating hostilities.

Private security firms have tracked the Russian government assaults on Western power and energy operators — conducted alternately by groups under the names Dragonfly campaigns alongside Energetic Bear and Berserk Bear — since 2011, when they first started targeting defense and aviation companies in the United States and Canada.

By 2013, researchers had tied the Russian hackers to hundreds of attacks on the U.S. power grid and oil and gas pipeline operators in the United States and Europe. Initially, the strikes appeared to be motivated by industrial espionage — a natural conclusion at the time, researchers said, given the importance of Russia’s oil and gas industry.

But by December 2015, the Russian hacks had taken an aggressive turn. The attacks were no longer aimed at intelligence gathering, but at potentially sabotaging or shutting down plant operations.

At Symantec, researchers discovered that Russian hackers had begun taking screenshots of the machinery used in energy and nuclear plants, and stealing detailed descriptions of how they operated — suggesting they were conducting reconnaissance for a future attack.

Eventhough the US government enacted sanctions, cybersecurity experts are still questioning where the Russian attacks could lead, given that the United States was sure to respond in kind.

“Russia certainly has the technical capability to do damage, as it demonstrated in the Ukraine,” said Eric Cornelius, a cybersecurity expert at Cylance, a private security firm, who previously assessed critical infrastructure threats for the Department of Homeland Security during the Obama administration.

“It is unclear what their perceived benefit would be from causing damage on U.S. soil, especially given the retaliation it would provoke,” Mr. Cornelius said.

Though a major step toward deterrence, publicly naming countries accused of cyberattacks still is unlikely to shame them into stopping. The United States is struggling to come up with proportionate responses to the wide variety of cyberespionage, vandalism and outright attacks.

Lt. Gen. Paul Nakasone, who has been nominated as director of the National Security Agency and commander of United States Cyber Command, the military’s cyberunit, said during his recent Senate confirmation hearing, that countries attacking the United States so far have little to worry about.

“I would say right now they do not think much will happen to them,” General Nakasone said. He later added, “They don’t fear us.”

Related News

• Electricity Forum News

• Grid Technologies News