US Accuses Russia Of Attacking Energy Infrastructure

Uploaded on 2018-03-19 in GOVERNMENT-Defence, FREE TO VIEW, BUSINESS-Production-Utilities, BUSINESS-Production-Energy, GOVERNMENT-National, INTELLIGENCE-Hot Spots-Russia, INTELLIGENCE--USA, NEWS-Cybersecurity News, TECHNOLOGY--Hackers

The US has accused Russia of a wide-ranging cyber-assault on its energy grid and other key parts of its infrastructure, as it stepped up sanctions on Russian intelligence for its interference in the 2016 elections.

US officials said that malware had been found in the operating systems of several organisations and companies in the US energy, nuclear, water and “critical manufacturing” sector, and the malware as well as other form of cyber-attacks had been traced back to Moscow.

“Russia’s behaviour continues to trouble us and we are continuing to push back in meaningful ways,” a senior national security official said.

The FBI and the Department of Homeland Security (DHS) issued an alert, urging other firms in the industry to review their cybersecurity. The alert said the concerted cyber-attack on US infrastructure began in March 2016.

“It is the judgment of the DHS than Russian government cyber-hackers were behind the hacking of organisations in the energy sector,” a senior official said, adding that it was clear that the cyber-attack was coordinated and “deliberately targeted”.

Officials added that the motive of the attack was initially surveillance, to gather information on computer management systems in the US energy grid.

The cybersecurity alert said: “DHS and FBI characterise this activity as a multi-stage intrusion campaign by Russian government cyber actors who targeted small commercial facilities’ networks where they staged malware, conducted spear phishing and gained remote access into energy sector networks.”

“After obtaining access, the Russian government cyber actors conducted network reconnaissance, moved laterally, and collected information pertaining to industrial control systems,” it added.

The US treasury announced new sanctions against Russian individuals and entities, including the FSB and GRU intelligence agencies, as well as the Internet Research Agency in St Petersburg, for interference in the 2016 elections.

As a result of Russia’s election interference, officials said that thousands of Russian-planted stories reached “millions of people online” during the US presidential campaign.

The new sanctions represent the broadest set of US punitive measures against Russia since the start of the Trump administration, and many of their targets are the same as those identified by an indictment by Robert Mueller, the special counsel investigating Russian interference in the 2016 election and possible collusion with the Trump campaign.
Mueller’s investigation has been denounced as a politically motivated witch-hunt by the president and his supporters, and the new measures represent the latest example of dissonance in attitudes towards Russia between Trump and other parts of the administration.

Adam Schiff, the top Democrat on the House intelligence committee, said the sanctions did not go nearly far enough in view of the scale of the Russian attack on the 2016 election.

“The sanctions today are a grievous disappointment, and fall far short of what is needed to respond to that attack on our democracy, let alone deter Russia’s escalating aggression, which now includes a chemical weapons attack on the soil of our closest ally,” Schiff said in a statement.

He pointed out that many of the sanctions targeted had already been designated by the Obama administration, and claimed that the new designated targets did not reflect “new work within the administration” but were selected on the basis of the Mueller’s indictment.

“It appears that Mr Mueller is doing more to place consequences on Russia’s behavior than the rest of the administration,” Schiff said.

The sanctions were also imposed for the role of Russian intelligence in distributing the NotPetya malware and ransomware which US officials attributed to Moscow in February. 

Officials said it was initially targeted at Ukraine but was allowed to “propagate recklessly without bounds” and caused an estimated $10bn in damage around the world, making it the most damaging cyber-attack in history.
The treasury announced it had sanctioned five entities and 19 individuals for cyber-attacks, including during the election. 

“The administration is confronting and countering malign Russian cyber-activity, including their attempted interference in US elections, destructive cyber-attacks, and intrusions targeting critical infrastructure,” Steven Mnuchin, the treasury secretary, said in a statement.

“These targeted sanctions are a part of a broader effort to address the nefarious attacks emanating from Russia. Treasury intends to impose additional … sanctions, informed by our intelligence community, to hold Russian government officials and oligarchs accountable for their destabilising activities by severing their access to the US financial system.”

Among those directly targeted are six senior officers of the Russian military intelligence service, the GRU, including its chief, Igor Korobov, and three of his deputies.

Guardian

You Might Also Read:


 

 

« Dark Web Fraud Undetectable By Police
Ensure Your Cloud Storage Is Compliant With GDPR »

CyberSecurity Jobsite
Check Point
Cyrin

Real Attacks. Real Tools. Real Scenarios.
Schedule a demo

Sign Up: Cyber Security Intelligence Newsletter

Directory of Suppliers

BackupVault

BackupVault

BackupVault is a leading provider of automatic cloud backup and critical data protection against ransomware, insider attacks and hackers for businesses and organisations worldwide.

XYPRO Technology

XYPRO Technology

XYPRO is the market leader in HPE Non-Stop Security, Risk Management and Compliance.

ManageEngine

ManageEngine

As the IT management division of Zoho Corporation, ManageEngine prioritizes flexible solutions that work for all businesses, regardless of size or budget.

MIRACL

MIRACL

MIRACL provides the world’s only single step Multi-Factor Authentication (MFA) which can replace passwords on 100% of mobiles, desktops or even Smart TVs.

Directory of Cyber Security Suppliers

Directory of Cyber Security Suppliers

Our Supplier Directory lists 8,000+ specialist cyber security service providers in 128 countries worldwide. IS YOUR ORGANISATION LISTED?

Caldew Consulting

Caldew Consulting

Caldew specialise in providing information assurance and cyber security consultancy, covering the full spectrum of the security life cycle.

NATO Cooperative Cyber Defence Centre (CCDCOE)

NATO Cooperative Cyber Defence Centre (CCDCOE)

NATO CCDCOE's mission is to enhance the capability, cooperation and information sharing among NATO, NATO nations and partners in cyber defence.

BackBox Software

BackBox Software

BackBox is a leading provider of solutions for automated backup and recovery software for security and network devices.

Vera Security

Vera Security

Vera is a data security platform that provides 360-degree visibility and control over critical business data, anywhere it's shared or stored.

Uniscon

Uniscon

Uniscon is a leading provider of cloud security solutions in Europe.

Gemserv

Gemserv

Gemserv is a specialist market design, governance and assurance services consultancy.

TitanHQ

TitanHQ

TitanHQ offers ultimate protection from internet based threats and powerful Web filtering functionalities to SMBs, Service Providers and Education sectors around the World.

British Security Industry Association - CySPAG

British Security Industry Association - CySPAG

CySPAG is a special interest group within the British Security Industry Association (BSIA) focused on reducing the risk of product related cybercrime.

MVP Tech

MVP Tech

MVP Tech designs and deploys next generation infrastructures where Security and Technology converge.

Orbus Software

Orbus Software

Orbus develops, markets and sells enterprise software which helps large, blue chip and government organisations across the globe to achieve digital transformation outcomes.

International Cyber Threat Task Force (ICTTF)

International Cyber Threat Task Force (ICTTF)

The International Cyber Threat Task Force is a not-for-profit initiative promoting the ecosystem of an International independent non-partisan cyber security community.

WillJam Ventures

WillJam Ventures

WillJam Ventures are a private equity firm focused on investing in world-class cybersecurity companies that will become the next generation of leaders in protecting the world’s digital assets.

DNS Research Federation (DNSRF)

DNS Research Federation (DNSRF)

DNSRF's mission is to advance the understanding of the Domain Name System's impact on cybersecurity, policy and technical standards.

Vault Cloud

Vault Cloud

Vault Cloud, Australia's National Cloud, is an Australian owned and operated company specialising in secure, sovereign, hyperscale cloud infrastructure.

Abissi

Abissi

Abissi offer cyber intelligence, IoT security, automotive security, red teaming, application security and artificial intelligence security services, with a focus on security by design.

ITConnexion

ITConnexion

ITConnexion is an Australian-based Managed IT Service with over 20 years of experience. We offer a complete IT management service for non-profits, SMEs, and enterprises.