Lights out
The Hidden Cyberwar: Iranian Dam Hacks, Russian Grid Infiltrations, and the Terrifying Evidence Nicole Perlroth Exposed
If you’ve read Nicole Perlroth’s outstanding (and honestly terrifying) cybersecurity book This Is How They Tell Me the World Ends (2021), you already know that the U.S. has spent the last decade under near-constant digital assault—mostly in silence.
Perlroth documents incidents that, at the time, barely made the news: Iranian breaches of American infrastructure, Russian supply-chain attacks, and a multi-year infiltration of U.S. electrical grids that intelligence officials privately called “GRIZZLY STEPPE.”
Below is a clean, verifiable list of the key events, including government documents, indictments, security-firm reports, and video demonstrations—so anyone can dig deeper into what was really happening in the shadows.
1. The 2013 Iranian Hack of the Bowman Avenue Dam
Contrary to early media assumptions, Iranian IRGC-linked hackers didn’t infiltrate the huge Bowman Dam in Oregon—they got inside a much smaller flood-control dam in Rye Brook, New York. They accessed it through a vulnerable cellular modem and reportedly could have manipulated the sluice gate, had it not been offline for maintenance.
Primary sources:
- U.S. Department of Justice Indictment of Seven Iranian Hackers (2016)
- Nicole Perlroth’s Original New York Times Report (2015)
- DHS/FBI GRIZZLY STEPPE Joint Analysis Report (2016)
2. Ali Abbasi’s Live ICS/PLC Hacking Demonstrations (2013–2014)
One of the most eye-opening moments in the cybersecurity world came when researcher Ali Abbasi gained full control of a Siemens S7-1200 PLC—in seconds—live on stage at industrial security conferences. His demonstrations showed how attackers could spoof sensors, falsify data, or cause physical damage, without the operators ever noticing.
Sources:
3. The Massive Russian Infiltration of U.S. Critical Infrastructure (2012–2017+)
This is the core of Perlroth’s most alarming chapter. Russian state hackers—linked to FSB and GRU units—quietly slipped into American power plants, utilities, nuclear facilities, and even control-room networks. Some intrusions lasted years. At least one U.S. intelligence assessment concluded that Russia had positioned itself to cause blackouts on demand.
Key technical reports & government documents:
- Symantec (2014): Dragonfly / Energetic Bear Report
- FireEye (2017): Dragonfly 2.0 Supply-Chain Attacks
- DHS/CISA Alert TA18-074A (2018): Russian Government Targeting U.S. Energy Sector
- Full DHS Technical PDF Report (2018)
- Dragos / E-ISAC CrashOverride Report (2019) – covers the Ukraine blackouts, but is tied to the same Russian units infiltrating U.S. systems.
4. The “Hostage Grid” Theory: Why the U.S. Didn’t Retaliate After Crimea (2014)
Perlroth quotes multiple intelligence officials who said that by 2014, Russia had such deep persistence inside U.S. energy and industrial networks that American leadership feared escalation. A kinetic response to Crimea might have triggered a cyber-retaliation capable of shutting down vast sections of the American grid.
Public statements hinting at this:
- DNI Dan Coats (2018): “The lights are blinking red.”
- Rob Joyce (NSC Cyber Coordinator) confirmed Russian access inside grid control rooms.
5. The Book Behind the Story
Perlroth’s book remains one of the most important works ever written about cyberweapons, zero-day markets, and the geopolitical arms race unfolding entirely in the digital realm.
Final Thoughts
Most Americans still don’t realize how close we’ve come—multiple times—to catastrophic infrastructure failures caused not by storms or accidents, but by foreign adversaries already embedded in our systems. Cyberwar isn’t “the next war.” It’s the war happening right now, quietly, in American substations, water plants, nuclear facilities, and industrial networks.
Perlroth’s evidence makes one thing crystal clear: The battlefield is already inside the United States—and it’s digital.