Russian Hacktivists Attack Canadian Gas Pipeline

A pro-Russia hacktivist group claims to have breached the network of a Canadian gas pipeline company in February and caused damage that resulted in loss of profits, according to a document found among a tranche of US classified intelligence assessments leaked online recently.

Secret Pentagon documents that have been exposed on social medi also  shed new light on the state of the war in Ukraine, showing just how deeply the United States has penetrated Russia’s military and intelligence services.

These documents suggest that Washington also appears to be spying on some of its closest allies, including Ukraine, Israel and South Korea.

One of the documents, part of a cache of leaks recently circulated on the Internet, suggests the Russian hackers had the ability to cause an explosion and sought instruction from the Russian Federal Security Service or FSB.

 In the leaked briefing, actors with the Russian hacking group known as Zarya shared screenshots with an FSB officer on February 25th purporting to show their access to the Canadian facility and indicating that they had the ability to increase valve pressure, disable alarms, and initiate an emergency shutdown of the facility.

The US intelligence briefing didn’t identify the Canadian victim, writing that the screenshot was of an “unspecified gas distribution station.”

The briefing indicates that the hacking group was “receiving instructions” from someone presumed to be an FSB officer, who ordered them to maintain their network access, and that the hackers were on “standby” for further instructions from the FSB.

The document states that the FSB officer “anticipated a successful operation would cause an explosion” at the gas distribution station and that the FSB was “monitoring Canadian news reports for indications of an explosion.” But it’s not clear what the hackers did to the facility or planned to do.

They claimed they had already done “sufficient damage” to the Canadian firm “to cause profit loss to the company,” but their intention was “not to cause loss of life” only “loss of income for Canadians.” It’s not clear if US authorities ever verified the claims or identified and notified the Canadian firm in question. Zero Day was unable to independently verify the claims.

The documents reveal a broad array of information that the US intelligence community and its partners have collected about Russia’s war plans in Ukraine, including detailed maps, and about Ukraine’s defense vulnerabilities. The documents also reveal information about other countries as well, such as Iran’s nuclear program and North Korea’s testing of missiles.

Officials at the Pentagon and national security agencies have indicated they believe the documents are authentic and have launched investigations into the leaks. The revelation about the alleged cyberattack in Canada appears in just two paragraphs on a page that provides brief summaries of intelligence about other countries and regions.

Kim Zetter:     NY Times:    NY Times:     The Globe & Mail:     CTV News:      National News Watch:    AP News

You Might Also Read: 

Suspicions That Explosion At US Gas Export Terminal Caused By Russian Hackers:

___________________________________________________________________________________________

If you like this website and use the comprehensive 6,500-plus service supplier Directory, you can get unrestricted access, including the exclusive in-depth Directors Report series, by signing up for a Premium Subscription.

  • Individual £5 per month or £50 per year. Sign Up
  • Multi-User, Corporate & Library Accounts Available on Request

Cyber Security Intelligence: Captured Organised & Accessible


 

« Attack On Israel’s Water Systems
How Does IT Impact The Manufacturing Industry? All You Need To Know »

Infosecurity Europe
CyberSecurity Jobsite
Perimeter 81

Directory of Suppliers

ZenGRC

ZenGRC

ZenGRC (formerly Reciprocity) is a leader in the GRC SaaS landscape, offering robust and intuitive products designed to make compliance straightforward and efficient.

IT Governance

IT Governance

IT Governance is a leading global provider of information security solutions. Download our free guide and find out how ISO 27001 can help protect your organisation's information.

Authentic8

Authentic8

Authentic8 transforms how organizations secure and control the use of the web with Silo, its patented cloud browser.

Alvacomm

Alvacomm

Alvacomm offers holistic VIP cybersecurity services, providing comprehensive protection against cyber threats. Our solutions include risk assessment, threat detection, incident response.

Jooble

Jooble

Jooble is a job search aggregator operating in 71 countries worldwide. We simplify the job search process by displaying active job ads from major job boards and career sites across the internet.

AusCERT

AusCERT

AusCERT is the premier Computer Emergency Response Team (CERT) in Australia and a leading CERT in the Asia/Pacific region

TitanFile

TitanFile

TitanFile is an award-winning, easy and secure way for professionals to communicate without having to worry about security and privacy.

Conference-Service

Conference-Service

Conference-Service provides a categorised calendar of conferences and events, including Information Security & Privacy.

Vitrociset

Vitrociset

Vitrociset design complex systems for defence, homeland security, space and transport. Activities include secure communications and cybersecurity.

Hedgehog Security

Hedgehog Security

The key objective of Hedgehog is to provide simple, effective and affordable information security improvements that support your drive to increase productivity and profitability.

Gemserv

Gemserv

Gemserv is a specialist market design, governance and assurance services consultancy.

Zighra

Zighra

Zighra is a leading provider of On-Device AI solutions for continuous authentication and fraud detection on mobile and web applications.

Prolimax

Prolimax

Prolimax deliver innovative solutions to IT Manufacturers, Distributors, Resellers and End-users including Data Erasure and secure IT Asset Disposition (ITAD)

OffSec

OffSec

OffSec have defined the standard of excellence in penetration testing training. Elite security instructors teach our intense training scenarios and exceptional course material.

ITTAS

ITTAS

ITTAS is a multidisciplinary company specializing in information security and software and hardware protection software.

Matrium Technologies

Matrium Technologies

Matrium Technologies has been a leading provider of technology solutions since 1991, with a strong industry background in Network Testing, Network Visibility and Security.

Veriti

Veriti

Veriti is a unified security posture management platform that integrates with your security solutions and proactively identifies and remediates potential risks and misconfigurations.

Verizon

Verizon

Verizon is a leader in IT technology solutions - Verizon Cloud, Networking, Security, Mobility, Machine-to-Machine (M2M), Advanced Communications and Professional Services.

Flare Systems

Flare Systems

Flare proactively detects and remediates exposure across the clear & dark web, providing organizations with the equivalent of an automated cyber reconnaissance team.

Everfox

Everfox

Everfox (formerly Forcepoint Federal) has been defending the world's most critical data and networks against the most complex cyber threats imaginable for more than 25 years.

Norwegian Data Protection Authority (Datatilsynet)

Norwegian Data Protection Authority (Datatilsynet)

The Norwegian Data Protection Authority (Datatilsynet) is the national data protection authority for Norway.