US Accuses Russia Of Attacking Energy Infrastructure

Uploaded on 2018-03-19 in GOVERNMENT-Defence, FREE TO VIEW, BUSINESS-Production-Utilities, BUSINESS-Production-Energy, GOVERNMENT-National, INTELLIGENCE-Hot Spots-Russia, INTELLIGENCE--USA, NEWS-Cybersecurity News, TECHNOLOGY--Hackers

The US has accused Russia of a wide-ranging cyber-assault on its energy grid and other key parts of its infrastructure, as it stepped up sanctions on Russian intelligence for its interference in the 2016 elections.

US officials said that malware had been found in the operating systems of several organisations and companies in the US energy, nuclear, water and “critical manufacturing” sector, and the malware as well as other form of cyber-attacks had been traced back to Moscow.

“Russia’s behaviour continues to trouble us and we are continuing to push back in meaningful ways,” a senior national security official said.

The FBI and the Department of Homeland Security (DHS) issued an alert, urging other firms in the industry to review their cybersecurity. The alert said the concerted cyber-attack on US infrastructure began in March 2016.

“It is the judgment of the DHS than Russian government cyber-hackers were behind the hacking of organisations in the energy sector,” a senior official said, adding that it was clear that the cyber-attack was coordinated and “deliberately targeted”.

Officials added that the motive of the attack was initially surveillance, to gather information on computer management systems in the US energy grid.

The cybersecurity alert said: “DHS and FBI characterise this activity as a multi-stage intrusion campaign by Russian government cyber actors who targeted small commercial facilities’ networks where they staged malware, conducted spear phishing and gained remote access into energy sector networks.”

“After obtaining access, the Russian government cyber actors conducted network reconnaissance, moved laterally, and collected information pertaining to industrial control systems,” it added.

The US treasury announced new sanctions against Russian individuals and entities, including the FSB and GRU intelligence agencies, as well as the Internet Research Agency in St Petersburg, for interference in the 2016 elections.

As a result of Russia’s election interference, officials said that thousands of Russian-planted stories reached “millions of people online” during the US presidential campaign.

The new sanctions represent the broadest set of US punitive measures against Russia since the start of the Trump administration, and many of their targets are the same as those identified by an indictment by Robert Mueller, the special counsel investigating Russian interference in the 2016 election and possible collusion with the Trump campaign.
Mueller’s investigation has been denounced as a politically motivated witch-hunt by the president and his supporters, and the new measures represent the latest example of dissonance in attitudes towards Russia between Trump and other parts of the administration.

Adam Schiff, the top Democrat on the House intelligence committee, said the sanctions did not go nearly far enough in view of the scale of the Russian attack on the 2016 election.

“The sanctions today are a grievous disappointment, and fall far short of what is needed to respond to that attack on our democracy, let alone deter Russia’s escalating aggression, which now includes a chemical weapons attack on the soil of our closest ally,” Schiff said in a statement.

He pointed out that many of the sanctions targeted had already been designated by the Obama administration, and claimed that the new designated targets did not reflect “new work within the administration” but were selected on the basis of the Mueller’s indictment.

“It appears that Mr Mueller is doing more to place consequences on Russia’s behavior than the rest of the administration,” Schiff said.

The sanctions were also imposed for the role of Russian intelligence in distributing the NotPetya malware and ransomware which US officials attributed to Moscow in February. 

Officials said it was initially targeted at Ukraine but was allowed to “propagate recklessly without bounds” and caused an estimated $10bn in damage around the world, making it the most damaging cyber-attack in history.
The treasury announced it had sanctioned five entities and 19 individuals for cyber-attacks, including during the election. 

“The administration is confronting and countering malign Russian cyber-activity, including their attempted interference in US elections, destructive cyber-attacks, and intrusions targeting critical infrastructure,” Steven Mnuchin, the treasury secretary, said in a statement.

“These targeted sanctions are a part of a broader effort to address the nefarious attacks emanating from Russia. Treasury intends to impose additional … sanctions, informed by our intelligence community, to hold Russian government officials and oligarchs accountable for their destabilising activities by severing their access to the US financial system.”

Among those directly targeted are six senior officers of the Russian military intelligence service, the GRU, including its chief, Igor Korobov, and three of his deputies.

Guardian

You Might Also Read:


 

 

« Dark Web Fraud Undetectable By Police
Ensure Your Cloud Storage Is Compliant With GDPR »

ManageEngine
CyberSecurity Jobsite
Check Point
Cyrin

Real Attacks. Real Tools. Real Scenarios.
Schedule a demo

Sign Up: Cyber Security Intelligence Newsletter

Directory of Suppliers

Tines

Tines

The Tines security automation platform helps security teams automate manual tasks, making them more effective and efficient.

CSI Consulting Services

CSI Consulting Services

Get Advice From The Experts: * Training * Penetration Testing * Data Governance * GDPR Compliance. Connecting you to the best in the business.

Clayden Law

Clayden Law

Clayden Law advise global businesses that buy and sell technology products and services. We are experts in information technology, data privacy and cybersecurity law.

TÜV SÜD Academy UK

TÜV SÜD Academy UK

TÜV SÜD offers expert-led cybersecurity training to help organisations safeguard their operations and data.

LockLizard

LockLizard

Locklizard provides PDF DRM software that protects PDF documents from unauthorized access and misuse. Share and sell documents securely - prevent document leakage, sharing and piracy.

JYVSECTEC - JAMK University of Applied Sciences

JYVSECTEC - JAMK University of Applied Sciences

JYVSECTEC is a cyber security research and development and training centre

Fredda Stanza

Fredda Stanza

Fredda Stanza specialize in Information Security and Forensics Consulting.

Tufin

Tufin

Tufin enables organizations to automate their security policy visibility, risk management, provisioning and compliance across their multi-vendor, hybrid environment.

Corero Network Security

Corero Network Security

Corero Network Security is dedicated to improving the security of the Internet through the deployment of its innovative DDoS & Network Security Solutions.

SOTI

SOTI

SOTI is an industry leader in Enterprise Mobility Management (EMM).

Israel National Cyber Directorate (INCD)

Israel National Cyber Directorate (INCD)

The Israel National Cyber Directorate is the national security and technological agency responsible for defending Israel’s national cyberspace and for establishing and advancing Israel’s cyber power.

CybSafe

CybSafe

CybSafe is a cloud-based platform focussed on addressing the human component of cyber security - an intelligent approach to awareness training.

Dragos

Dragos

Dragos has built the first industrial cybersecurity ecosystem, the ultimate security defense.

SailPoint

SailPoint

SailPoint provides identity governance solutions with on-premises and cloud-based identity management software for the most complex challenges.

Montimage

Montimage

Montimage develops tools for testing and monitoring networks, applications and services; in particular, for the verification of functional, performance (QoS/QoE) and security aspects.

Caulis

Caulis

Caulis FraudAlert is a cyber security solution. It can detect fraud and identity theft based on users’ online behaviour.

Quantea

Quantea

Our multi-patented solutions - QP Series Network Analytics Accelerator appliance and PureInsight Analytics Software Suite allows you to capture, analyze, store, replay, network traffic data.

Resilience Cyber Insurance Solutions

Resilience Cyber Insurance Solutions

Resilience Cyber Insurance combines insurance expertise with cybersecurity and data talent to deliver clear, effective solutions to protect you for the cyberrisks of today—and tomorrow.

Keysight Technologies

Keysight Technologies

Keysight is dedicated to providing tomorrow’s test technologies today, enabling our customers to connect and secure the world with their innovations.

Astrix Security

Astrix Security

Astrix enables security teams to instantly see through the fog of connects and detect redundant, misconfigured and malicious third-party exposure to their critical systems.

Confidencial

Confidencial

Confidencial is a provider of solutions that help organizations secure their most sensitive information, regardless if that information exists inside or is shared outside the organization.