DHS and FBI detail how Russia is hacking into U.S. nuclear facilities and other critical infrastructure

With a joint alert from the FBI and DHS, the Trump administration has formally accused the Russian government of a “multi-stage intrusion campaign” targeting the U.S. energy grid for the first time. The alert provides some specifics about an emerging threat that could translate a cyberattack into practical chaos for a country in the crosshairs of such an attack.

The alert elaborates on “Russian government actions targeting U.S. Government entities as well as organizations in the energy, nuclear, commercial facilities, water, aviation, and critical manufacturing sectors” — a goal consistent with suspected Russian cyberattacks like last year’s NotPetya malware which focused on industrial targets and past hacks of energy systems in Ukraine. The joint report by FBI and DHS links to Symantec research from October 2017 that detailed efforts by a “sophisticated attack group” then only known as Dragonfly which “[appeared] to be interested in both learning how energy facilities operate and also gaining access to operational systems themselves.”

It’s clear from the alert that Russian reconnaissance efforts to probe critical infrastructure systems were also paired with an effort to override control for those systems:

“DHS and FBI characterize this activity as a multi-stage intrusion campaign by Russian government cyber actors who targeted small commercial facilities’ networks where they staged malware, conducted spear phishing, and gained remote access into energy sector networks. After obtaining access, the Russian government cyber actors conducted network reconnaissance, moved laterally, and collected information pertaining to Industrial Control Systems (ICS).”

To carry out their aims, the attackers employed a blend of technical attacks, social engineering and basic online sleuthing. In one instance, the report describes how the hackers downloaded a small image displayed on a target’s public human resources page. By blowing up the photo, the attackers revealed a “high-resolution photo that displayed control systems equipment models and status information in the background” — a considerable oversight and evidence of just how unevenly implemented basic operational security precautions can be in the energy sector.

During the early stage of compromising a system, the alert states that the threat actors used spear-phishing attacks originating from an already hacked legitimate account and watering hole domains, among other methods. After infiltrating a system, the attackers made organized efforts to cover their tracks, deleting logs and removing installed applications, including the VPN software FortiClient.

More technical detail is available in the document itself on the US-CERT website.



More From this publisher : HERE ; This post was curated using : TrendingTraffic

 


RELATED PRODUCTS
  • Learn How To Travel Hack and Start Flying First Class And Staying In 5-star Hotels
  • Take Positive Thinking To The Next Level And Change Your Life.
  • LEARN THE RIGHT WAY THAT CAN MAKE ANY WOMAN SEXUALLY ADDICTED TO YOU
  • Brand New Forex Indicator Allows You To Make Profit Without Stress.
  • The First Practical Step By Step Roadmap For Designing Profitable Trading Systems
  • Find the nearest natural nuclear shelters in the US that are absolutely free.
  • Discover The Secrets To Generate Massive Windfalls Of Wealth By Hacking Your Brain
  • Find The Right Mental Attitude To Become A Profitable Betfair Trader
  • Online course for a permit to carry a a concealed weapon in 28 states which is honored.
  • Discover the 3 Critical Mistakes Preventing You From Earning Real Money With Your Writing.
  • Beat Your Procrastination For GOOD Without 'Willpower' or 'Hard Work'
  • Destroy workout plateaus and trash boring and outdated interval workout with 51 news
  • Plunder The Forbidden Secrets Locked Deeply In A Mans Mind.
  • The Worlds Smartest and Low Maintenance Cricket Breeding Methods
  • This gives you a practical step by step blueprint to rapidly develop mental strength
  • Clickbank Ads
     

    Recommended Products

    WP Toolkit (yearly)

    600+ Premium Themes and Plugins with Developers Rights WP Toolkit is a simply massive library of Premium WordPress Tools, offered at literally ‘pennies on the dollar’, complete with Devleopers rights...

    Stockocity 1 Professional + Timewarp Bundle

    Stockocity 1 Professional Library PLUS Timewarp your Stockocity 1 and 2 purchase and have the next 24 months of videos available in your account today.

    PLR Sales Funnels- Combo Package - Downsell (3 Packages)

    Brand New, High Converting Biz in a Box You Can Sell As Your Own And Keep 100% Of The Cash In Your Pockets For Years To Come

    Comments are closed