US Data Systems Under Attack

The US government has recently issued a rare public warning about hacking campaigns targeting energy and industrial firms. 

The Department of Homeland Security and Federal Bureau of Investigation warned in a report distributed via email, that the nuclear, energy, aviation, water and critical manufacturing industries have been targeted along with government entities in attacks dating back to at least May. 

The agencies warned that hackers had succeeded in compromising some targeted networks, but did not identify specific victims or describe any cases of sabotage.

The goal of the attackers is thought to be to compromise organisational networks with malicious emails and tainted websites to obtain credentials for accessing computer networks of their targets. 

US authorities have been monitoring the activity for months, which they initially detailed in a confidential June report. That document, which was privately distributed to firms at risk of attacks, described a narrow set of activity focusing on the nuclear, energy and critical manufacturing sectors. 

Department of Homeland Security spokesman Scott McConnell declined to elaborate on the information in the report or say what prompted the government to go public with the information at this time.  “The technical alert provides recommendations to prevent and mitigate malicious cyber activity targeting multiple sectors and reiterated our commitment to remain vigilant for new threats,” he said.

Robert Lee, an expert in securing industrial networks, said the report appears to describe groups working in the interests of the Russian government, though he declined to elaborate.

The hacking described in the government report is unlikely to result in dramatic attacks in the near term, Lee said, but he added that it is still troubling: “We don’t want our adversaries learning enough to be able to do things that are disruptive later.”

I-HLS

You Might Also Read:

Hackers Attempt To Penetrate US Nuclear Plants:

Nuclear Missiles Are Not N.Korea’s Only Threat:

Guide to Russian Infrastructure Hacking:

 

« 5 Cyber Threats Executives Should Understand
The Current State of Cyber Warfare »

Directory of Suppliers

Sophos

Sophos

Sophos provides complete security solutions for protection against complex threats and data loss.

Global Knowledge Training

Global Knowledge Training

Global Knowledge is a worldwide leader in IT and business training, featuring Cisco, Microsoft, VMware, IBM, security, cloud computing, and project management.

Activereach

Activereach

Activereach provides a complete range of Internet, networking, voice & security solutions to businesses across the UK and Europe.

Infoblox

Infoblox

Infoblox solutions help businesses automate complex network control functions to reduce costs, increase security and maximize uptime.

IBM Application Security

IBM Application Security

IBM application security testing solutions provide preemptive protection for mobile and web-based applications.

Luxar Tech

Luxar Tech

Luxar's network visibility products enable enterprises and service providers to monitor network traffic, improve security and optimize efficiency.

Conscia

Conscia

Conscia provides IT infrastructure solutions and 24/7 services in network, data center, security and mobility.

Amida Technology Solutions

Amida Technology Solutions

Amida is an open source software company that focuses on data management and exchange, with specialties in cybersecurity and digital platform strategies.

Big Switch Networks

Big Switch Networks

Big Monitoring Fabric is a Next-Generation Network Packet Broker which enables pervasive security and monitoring of data center and cloud traffic for inline or out-of-band deployments.

Early Warning

Early Warning

Early Warning delivers innovative payment and risk solutions to financial institutions nationwide.

High Sec Labs (HSL)

High Sec Labs (HSL)

High Sec Labs develops high-quality, cyber-defense solutions in the field of network and peripheral isolation.

DirectDefense

DirectDefense

DirectDefense is an information security services and managed services provider.

Neowave

Neowave

Neowave designs, manufactures and markets strong authentication solutions based on smart card components and digital certificates.

Romanian Association for Electronic Industry & Software (ARIES)

Romanian Association for Electronic Industry & Software (ARIES)

ARIES is the Romanian Association for Electronic Industry and Software, the biggest and most influental organization created for the IT&C industry in Romania.

Ellipsis Technologies

Ellipsis Technologies

Ellipsis Technologies is a diversified technology company that develops innovative security software for websites and online applications.