US Accuses Russia Of Attacking Energy Infrastructure

The US has accused Russia of a wide-ranging cyber-assault on its energy grid and other key parts of its infrastructure, as it stepped up sanctions on Russian intelligence for its interference in the 2016 elections.

US officials said that malware had been found in the operating systems of several organisations and companies in the US energy, nuclear, water and “critical manufacturing” sector, and the malware as well as other form of cyber-attacks had been traced back to Moscow.

“Russia’s behaviour continues to trouble us and we are continuing to push back in meaningful ways,” a senior national security official said.

The FBI and the Department of Homeland Security (DHS) issued an alert, urging other firms in the industry to review their cybersecurity. The alert said the concerted cyber-attack on US infrastructure began in March 2016.

“It is the judgment of the DHS than Russian government cyber-hackers were behind the hacking of organisations in the energy sector,” a senior official said, adding that it was clear that the cyber-attack was coordinated and “deliberately targeted”.

Officials added that the motive of the attack was initially surveillance, to gather information on computer management systems in the US energy grid.

The cybersecurity alert said: “DHS and FBI characterise this activity as a multi-stage intrusion campaign by Russian government cyber actors who targeted small commercial facilities’ networks where they staged malware, conducted spear phishing and gained remote access into energy sector networks.”

“After obtaining access, the Russian government cyber actors conducted network reconnaissance, moved laterally, and collected information pertaining to industrial control systems,” it added.

The US treasury announced new sanctions against Russian individuals and entities, including the FSB and GRU intelligence agencies, as well as the Internet Research Agency in St Petersburg, for interference in the 2016 elections.

As a result of Russia’s election interference, officials said that thousands of Russian-planted stories reached “millions of people online” during the US presidential campaign.

The new sanctions represent the broadest set of US punitive measures against Russia since the start of the Trump administration, and many of their targets are the same as those identified by an indictment by Robert Mueller, the special counsel investigating Russian interference in the 2016 election and possible collusion with the Trump campaign.
Mueller’s investigation has been denounced as a politically motivated witch-hunt by the president and his supporters, and the new measures represent the latest example of dissonance in attitudes towards Russia between Trump and other parts of the administration.

Adam Schiff, the top Democrat on the House intelligence committee, said the sanctions did not go nearly far enough in view of the scale of the Russian attack on the 2016 election.

“The sanctions today are a grievous disappointment, and fall far short of what is needed to respond to that attack on our democracy, let alone deter Russia’s escalating aggression, which now includes a chemical weapons attack on the soil of our closest ally,” Schiff said in a statement.

He pointed out that many of the sanctions targeted had already been designated by the Obama administration, and claimed that the new designated targets did not reflect “new work within the administration” but were selected on the basis of the Mueller’s indictment.

“It appears that Mr Mueller is doing more to place consequences on Russia’s behavior than the rest of the administration,” Schiff said.

The sanctions were also imposed for the role of Russian intelligence in distributing the NotPetya malware and ransomware which US officials attributed to Moscow in February. 

Officials said it was initially targeted at Ukraine but was allowed to “propagate recklessly without bounds” and caused an estimated $10bn in damage around the world, making it the most damaging cyber-attack in history.
The treasury announced it had sanctioned five entities and 19 individuals for cyber-attacks, including during the election. 

“The administration is confronting and countering malign Russian cyber-activity, including their attempted interference in US elections, destructive cyber-attacks, and intrusions targeting critical infrastructure,” Steven Mnuchin, the treasury secretary, said in a statement.

“These targeted sanctions are a part of a broader effort to address the nefarious attacks emanating from Russia. Treasury intends to impose additional … sanctions, informed by our intelligence community, to hold Russian government officials and oligarchs accountable for their destabilising activities by severing their access to the US financial system.”

Among those directly targeted are six senior officers of the Russian military intelligence service, the GRU, including its chief, Igor Korobov, and three of his deputies.

Guardian

You Might Also Read:


 

 

« Dark Web Fraud Undetectable By Police
Ensure Your Cloud Storage Is Compliant With GDPR »

CyberSecurity Jobsite
Perimeter 81

Directory of Suppliers

NordLayer

NordLayer

NordLayer is an adaptive network access security solution for modern businesses — from the world’s most trusted cybersecurity brand, Nord Security. 

ManageEngine

ManageEngine

As the IT management division of Zoho Corporation, ManageEngine prioritizes flexible solutions that work for all businesses, regardless of size or budget.

BackupVault

BackupVault

BackupVault is a leading provider of automatic cloud backup and critical data protection against ransomware, insider attacks and hackers for businesses and organisations worldwide.

North Infosec Testing (North IT)

North Infosec Testing (North IT)

North IT (North Infosec Testing) are an award-winning provider of web, software, and application penetration testing.

ON-DEMAND WEBINAR: What Is A Next-Generation Firewall And Why Does It Matter

ON-DEMAND WEBINAR: What Is A Next-Generation Firewall And Why Does It Matter

See how to use next-generation firewalls (NGFWs) and how they boost your security posture.

Centrify

Centrify

Centrify’s Next-Gen Access is an identity & access management solution that uniquely converges Identity-as-a-Service, enterprise mobility management and privileged access management.

Backup112

Backup112

Backup112 has been delivering professional cloud backup services since 2004.

Apricorn

Apricorn

Apricorn provides hardware-based 256-bit encrypted external storage products to companies and organizations that require high-level protection for their data at rest.

Network Integrity Systems

Network Integrity Systems

Network Integrity Systems is a leader in network infrastructure security and offers solutions specifically developed for Government and Private Enterprise.

Gilbert + Tobin

Gilbert + Tobin

Gilbert + Tobin is an Australian corporate law firm serving clients throughout Australia, and around the world, on a broad range of legal issues including cyber security.

CyberASAP

CyberASAP

CyberASAP provides expertise, knowledge and support to convert academic ideas into commercial products in the cyber security space.

IT Jobs Watch

IT Jobs Watch

IT Jobs Watch provides a concise and accurate map of the prevailing IT job market conditions in the UK.

ProWriters

ProWriters

As a leading cyber insurance company, ProWriters offers flexible Cyber Liability Insurance coverage designed to cover privacy, data, and network exposures.

Corsha

Corsha

Corsha is on a mission to simplify API security and allow enterprises to embrace modernization, complex deployments, and hybrid environments with confidence.

ThreatX

ThreatX

ThreatX provides complete web application & API protection to address expanding app footprints and complex attacks.

PT Prima Cyber Solusi

PT Prima Cyber Solusi

PT Prima Cyber Solusi is focused on protecting your business from the massive and devastating impacts that cyber-attacks may cause.

Cyber Legion

Cyber Legion

Cyber Legion Ltd is a UK-based Cyber Security as a Service (CSaaS) start-up that provides IT security testing services to various organizations around the globe.

iVision

iVision

iVision is a technology integration and management firm that engineers success for clients through objective recommendations, process and technology expertise and best-of-breed guidance.

Cyber Risk International

Cyber Risk International

Cyber Risk International offer CyberPrism, a B2B SaaS solution that empowers businesses to perform a self-assessment of their cyber security program.

OccamSec

OccamSec

OccamSec is a leading provider in the world of cybersecurity. We provide accurate, actionable information to reduce risk and enable better informed decisions.

One Step Secure IT

One Step Secure IT

One Step provide Managed IT Services, Cybersecurity Protections, and Compliance to businesses in the USA nationwide.