DHS and FBI detail how Russia is hacking into U.S. nuclear facilities and other critical infrastructure

With a joint alert from the FBI and DHS, the Trump administration has, for the first time, formally accused the Russian government of a “multi-stage intrusion campaign” targeting the U.S. energy grid. The alert provides some specifics about an emerging threat that could translate a cyberattack into practical chaos for a targeted country.

The alert elaborates on “Russian government actions targeting U.S. Government entities as well as organizations in the energy, nuclear, commercial facilities, water, aviation, and critical manufacturing sectors” — a goal consistent with suspected Russian cyberattacks like last year’s NotPetya malware, which focused on industrial targets, and past hacks of energy systems in Ukraine. The joint report by FBI and DHS links to Symantec research from October 2017 that detailed efforts by a “sophisticated attack group” then known only as Dragonfly, which “[appeared] to be interested in both learning how energy facilities operate and also gaining access to operational systems themselves.”

It’s clear from the alert that Russian reconnaissance efforts to probe critical infrastructure systems were paired with an effort to override control of those systems:

“DHS and FBI characterize this activity as a multi-stage intrusion campaign by Russian government cyber actors who targeted small commercial facilities’ networks where they staged malware, conducted spear phishing, and gained remote access into energy sector networks. After obtaining access, the Russian government cyber actors conducted network reconnaissance, moved laterally, and collected information pertaining to Industrial Control Systems (ICS).”

To carry out their aims, the attackers employed a blend of technical attacks, social engineering and basic online sleuthing. In one instance, the report describes how the hackers downloaded a small image displayed on a target’s public human resources page. By blowing up the photo, the attackers revealed a “high-resolution photo that displayed control systems equipment models and status information in the background” — a considerable oversight and evidence of just how unevenly implemented basic operational security precautions can be in the energy sector.

During the early stage of compromising a system, the alert states that the threat actors used spear-phishing attacks originating from an already hacked legitimate account and watering hole domains, among other methods. After infiltrating a system, the attackers made organized efforts to cover their tracks, deleting logs and removing installed applications, including the VPN software FortiClient.

More technical detail is available in the document itself on the US-CERT website.


