US Data Systems Under Attack

Uploaded on 2017-11-15 in NEWS-Cybersecurity News, FREE TO VIEW, BUSINESS-Services-IT & Telecoms, BUSINESS-Production-Utilities, BUSINESS-Production-Manufacturing, BUSINESS-Production-Energy

The US government has recently issued a rare public warning about hacking campaigns targeting energy and industrial firms. 

The Department of Homeland Security and Federal Bureau of Investigation warned in a report distributed via email, that the nuclear, energy, aviation, water and critical manufacturing industries have been targeted along with government entities in attacks dating back to at least May. 

The agencies warned that hackers had succeeded in compromising some targeted networks, but did not identify specific victims or describe any cases of sabotage.

The goal of the attackers is thought to be to compromise organisational networks with malicious emails and tainted websites to obtain credentials for accessing computer networks of their targets. 

US authorities have been monitoring the activity for months, which they initially detailed in a confidential June report. That document, which was privately distributed to firms at risk of attacks, described a narrow set of activity focusing on the nuclear, energy and critical manufacturing sectors. 

Department of Homeland Security spokesman Scott McConnell declined to elaborate on the information in the report or say what prompted the government to go public with the information at this time.  “The technical alert provides recommendations to prevent and mitigate malicious cyber activity targeting multiple sectors and reiterated our commitment to remain vigilant for new threats,” he said.

Robert Lee, an expert in securing industrial networks, said the report appears to describe groups working in the interests of the Russian government, though he declined to elaborate.

The hacking described in the government report is unlikely to result in dramatic attacks in the near term, Lee said, but he added that it is still troubling: “We don’t want our adversaries learning enough to be able to do things that are disruptive later.”

I-HLS

You Might Also Read:

Hackers Attempt To Penetrate US Nuclear Plants:

Nuclear Missiles Are Not N.Korea’s Only Threat:

Guide to Russian Infrastructure Hacking:

 

« 5 Cyber Threats Executives Should Understand
The Current State of Cyber Warfare »

ManageEngine
CyberSecurity Jobsite
Check Point
Cyrin

Real Attacks. Real Tools. Real Scenarios.
Schedule a demo

Sign Up: Cyber Security Intelligence Newsletter

Directory of Suppliers

BackupVault

BackupVault

BackupVault is a leading provider of automatic cloud backup and critical data protection against ransomware, insider attacks and hackers for businesses and organisations worldwide.

IT Governance

IT Governance

IT Governance is a leading global provider of information security solutions. Download our free guide and find out how ISO 27001 can help protect your organisation's information.

LockLizard

LockLizard

Locklizard provides PDF DRM software that protects PDF documents from unauthorized access and misuse. Share and sell documents securely - prevent document leakage, sharing and piracy.

ZenGRC

ZenGRC

ZenGRC (formerly Reciprocity) is a leader in the GRC SaaS landscape, offering robust and intuitive products designed to make compliance straightforward and efficient.

Authentic8

Authentic8

Authentic8 transforms how organizations secure and control the use of the web with Silo, its patented cloud browser.

MetaCompliance

MetaCompliance

MetaCompliance is a cyber security and compliance organisation that helps transform your company culture and safeguard your data and values.

Technology Association of Georgia (TAG)

Technology Association of Georgia (TAG)

TAG's mission is to educate, promote, influence and unite Georgia's technology community to stimulate and enhance Georgia's tech-based economy.

Momentum

Momentum

The Cyber Security team at Momentum offers a professional and specialist recruitment service across Cyber & IT Security.

SIGA

SIGA

SIGA provides cyber security solutions for Industrial Control Systems SCADA systems used in critical infrastructures and industrial processes.

Neurosoft

Neurosoft

Neursoft is a fully integrated ICT company with Software Development, System Integration and Information Technology Security capabilities.

Cyber Security Academy (CSA)

Cyber Security Academy (CSA)

The CSA aims to educate professionals who wish to contribute to strengthening the digital defensibility of states, organisations and individual citizens.

Evanston Technology Partners (ETP)

Evanston Technology Partners (ETP)

ETP provides services and solutions to enable and transform businesses in the areas of cybersecurity, data protection, and efficient operations practices.

Propelo

Propelo

Propelo (formerly LevelOps) is an engineering excellence platform that helps increase developer productivity and improve security with data-led insights and workflow automation.

Spohn Solutions

Spohn Solutions

Spohn combines highly-experienced staff with a vendor neutral approach to deliver optimal solutions for IT Security and Compliance.

AVEVA

AVEVA

AVEVA has a long history in providing Supervisory Control and Data Acquisition software for meeting complex and evolving automation requirements.

CertNexus

CertNexus

CertNexus is a vendor-neutral certification body, providing emerging technology certifications and micro-credentials for business, data, developer, IT, and security professionals.

Training.com.au

Training.com.au

Training.com.au is a comparison website through which those looking to learn about different aspects of cyber security can compare learning courses from training providers from across Australia.

Unified Solutions

Unified Solutions

Unified Solutions provide a full continuum of cyber security services, compliance, and technology solutions.

AuthMind

AuthMind

Prevent your next identity-related cyberattack with the AuthMind Identity SecOps Platform. It works anywhere and deploys in minutes.

Ionize

Ionize

Ionize offers solutions to help you uplift your capability across the full-spectrum of cyber security - assessment, remediation, monitoring, governance and ongoing education.

TR-CERT (USOM)

TR-CERT (USOM)

TR-CERT (Ulusal Siber Olaylara Müdahale Merkezi - USOM) is the national Computer Emergency Response Team of Turkey.