Russian Hackers Attacking U.S. Power Grid and Aviation, FBI Warns

  • U.S. officials warn of attacks, including on nuclear plants
  • Cyber-attacks underway since at least March 2016, U.S. says

Russian hackers are conducting a broad assault on the U.S. electric grid, water processing plants, air transportation facilities and other targets in rolling attacks on some of the country’s most sensitive infrastructure, U.S. government officials said Thursday.

The announcement was the first official confirmation that Russian hackers have taken aim at facilities on which hundreds of millions of Americans depend for basic services. Bloomberg News reported in July that Russian hackers had breached more than a dozen power plants in seven states, an aggressive campaign that has since expanded to dozens of states, according to a person familiar with the investigation.

"Since at least March 2016, Russian government cyber actors" have targeted "government entities and multiple U.S. critical infrastructure sectors," including those of energy, nuclear, water and aviation, according to an alert issued Thursday by the Department of Homeland Security and Federal Bureau of Investigation.

Critical manufacturing sectors and commercial facilities also have been targeted by the ongoing "multi-stage intrusion campaign by Russian government cyber actors."

Cyber-attacks are "literally happening hundreds of thousands of times a day," Energy Secretary Rick Perry told lawmakers during a hearing Thursday. "The warfare that goes on in the cyberspace is real, it’s serious, and we must lead the world."

Separately Thursday, the U.S. sanctioned a St. Petersburg-based “troll farm,” two Russian intelligence services, a close ally of Russian President Vladimir Putin and other Russian citizens and businesses indicted by Special Counsel Robert Mueller on charges of meddling with the 2016 U.S. presidential election.

A joint analysis by the FBI and the Department of Homeland Security described the hackers as extremely sophisticated, in some cases first breaching suppliers and third-party vendors before hopping from those networks to their ultimate target. The government’s report did not say how successful the attacks were.

Read More: Russia Is Said to Be Suspect in Hacks of U.S. Power Plants

The Russian hackers "targeted small commercial facilities’ networks where they staged malware, conducted spear phishing, and gained remote access into energy sector networks," according to the Homeland Security alert.

An industry-government partnership provided potential indicators of compromise for electric companies following Thursday’s announcement, said Scott Aaronson, vice president of security and preparedness at the utility trade group Edison Electric Institute. The federal government alerted grid operators to a threat targeting the energy and manufacturing sectors last summer, but the incident didn’t affect operations, he said.

The hackers deliberately selected targets and methodically went after initial victims as a way to reach their ultimate prizes, including industrial control systems used by power plants and other infrastructure. Their tactics included sending spear-phishing emails and embedding malicious content on informational websites to obtain security credentials they could then leverage for more information and access.

And once they obtained access, the attackers "conducted network reconnaissance," and moved within the systems to collect information on industrial control systems.

The government’s alert on Russian cyber-attacks does not cover suspected meddling by the country in the 2016 election.

An October report by researchers at Symantec Corp., cited by the U.S. government Thursday, linked the attacks to a group of hackers it had code-named Dragonfly, and said it found evidence critical infrastructure facilities in Turkey and Switzerland also had been breached.

The Symantec researchers said an earlier wave of attacks by the same group starting in 2011 was used to gather intelligence on companies and their operational systems. The hackers then used that information for a more advanced wave of attacks targeting industrial control systems that, if disabled, leave millions without power or water.

The disclosure comes amid mounting calls from lawmakers to step up protection of the nation’s electric grid. Senator Maria Cantwell, the top Democrat on the Energy and Natural Resources Committee, pushed for a cyberthreat assessment of the grid last year, to better defend the infrastructure against potential attacks.

"I hope today’s belated response is the first step in a robust and aggressive strategy to protect our critical infrastructure," Cantwell, a Democrat from Washington state, said in an emailed statement.

U.S. intelligence officials have long been concerned about the security of the country’s electrical grid. The recent attacks, striking almost simultaneously at multiple locations, are testing the government’s ability to coordinate an effective response among several private utilities, state and local officials, and industry regulators.

Many of the targeted power plants are conventional, but the attacks included at least one nuclear power plant in Kansas, Bloomberg News reported in July. While the core of a nuclear generator is heavily protected, a sudden shutdown of the turbine can trigger safety systems. These safety devices are designed to disperse excess heat while the nuclear reaction is halted, but the safety systems themselves may be vulnerable to attack.

The operating systems at nuclear plants also tend to be legacy controls built decades ago and don’t have digital control systems that can be exploited by hackers.

More From this publisher : HERE ; This post was curated using : TrendingTraffic

 


RELATED PRODUCTS
  • Core power for baseball is a baseball training video that focuses on core exercises.
  • Learn Some Awesome Ways To Cut Down Your Grocery Budget Up To 90 By Couponing.
  • Men, power, love, and a good life -a Guide for women who want it all.
  • The legendary program that generates and measures your peak and sustained strength.
  • Know The Secret That Numerous Successful People Unknowingly Used For Over Decades.
  • Learn how you can dramatically improve your success with russian women.
  • Strategies That You Can Use Immediately To Achieve Anything That You Want Out Of Life
  • Power Tips to make your home more energy efficient.
  • Piano chords and chord progressions secrets of exciting chords and chord progressions
  • Discover The Secret Key To Create Miracles and Command The Full Powers Of The Universe.
  • The Russian course for dating and relationships. Download your copy now
  • Discover your true abilities using this secret ancient code and enjoy a 2nd life.
  • This Product Will Teach You All The Techniques To Become Completely Mindful.
  • Are you one of the western guys that thinks of finding a Russian / Ukrainian bride
  • Clickbank Ads
     

    Recommended Products

    Lifetime.Hosting Diamond Bundle 36 (Lifetime.Chat Special)

    Lifetime.Hosting Diamond 12 Plan, Lifetime.Hosting Triple Up Upgrade to 36 websites with 36 gb storage, 12 Lifetime Domains, Lifetime.Hosting Diamond Addon with unlimited SSL, priority backup protection and cPanel Migration (plus 10 bonus domains)

    BuilderAll Internet Marketing Platform - Unlimited User's License.

    Create and automate with the easiest and most complete internet marketing platform available on the market today! Easily capture and manage leads, discover time-saving applications, create unlimited and professional "Drag and Drop" websites and sales funnel

    Sitecontact Elite One-Time

    Sitecontact is the first Facebook autoresponder ever. With it you can capture leads on webpages and send message broadcasts on Facebook.

    Comments are closed