It is currently Sat Dec 16, 2017 11:38 am

All times are UTC - 6 hours [ DST ]




Post new topic Reply to topic  [ 1 post ] 
Author Message
 Post subject: Cyber Threat Report
PostPosted: Sun Oct 22, 2017 3:20 pm 
Offline
ZS Member
ZS Member
User avatar

Joined: Mon Aug 22, 2005 2:48 am
Posts: 3073
Location: Des Moines, Iowa
Has thanked: 543 times
Been thanked: 148 times
From CNBC: US warns public about attacks on energy, industrial firms
Quote:
US warns public about attacks on energy, industrial firms

The U.S government issued a rare public warning that sophisticated hackers are targeting energy and industrial firms.

It's the latest sign that cyber attacks present an increasing threat to the power industry and other public infrastructure.

Published 7 Hours Ago Updated 7 Hours Ago From Reuters:

The U.S government issued a rare public warning that sophisticated hackers are targeting energy and industrial firms, the latest sign that cyber attacks present an increasing threat to the power industry and other public infrastructure.

The Department of Homeland Security and Federal Bureau of Investigation warned in a report distributed by email late on Friday that the nuclear, energy, aviation, water and critical manufacturing industries have been targeted along with government entities in attacks dating back to at least May.

The agencies warned that hackers had succeeded in compromising some targeted networks, but did not identify specific victims or describe any cases of sabotage.

The objective of the attackers is to compromise organizational networks with malicious emails and tainted websites to obtain credentials for accessing computer networks of their targets, the report said.

U.S. authorities have been monitoring the activity for months, which they initially detailed in a confidential June report first reported by Reuters. That document, which was privately distributed to firms at risk of attacks, described a narrower set of activity focusing on the nuclear, energy and critical manufacturing sectors.

Department of Homeland Security spokesman Scott McConnell declined to elaborate on the information in the report or say what prompted the government to go public with the information at this time.

"The technical alert provides recommendations to prevent and mitigate malicious cyber activity targeting multiple sectors and reiterated our commitment to remain vigilant for new threats," he said.

The FBI declined to comment on the report, which security researchers said described an escalation in targeting of infrastructure in Europe and the United States that had been described in recent reports from private firms, including Symantec Corp.

"This is very aggressive activity," said Robert Lee, an expert in securing industrial networks.

Lee, chief executive of cyber-security firm Dragos, said the report appears to describe hackers working in the interests of the Russian government, though he declined to elaborate. Dragos is also monitoring other groups targeting infrastructure that appear to be aligned with China, Iran, North Korea, he said.

The hacking described in the government report is unlikely to result in dramatic attacks in the near term, Lee said, but he added that it is still troubling: "We dont want our adversaries learning enough to be able to do things that are disruptive later."

The report said that hackers have succeeded in infiltrating some targets, including at least one energy generator, and conducting reconnaissance on their networks. It was accompanied by six technical documents describing malware used in the attacks.

Homeland Security "has confidence that this campaign is still ongoing and threat actors are actively pursuing their objectives over a long-term campaign," the report said.

The report said the attacker was the same as one described by Symantec in a September report that warned advanced hackers had penetrated the systems controlling operations of some U.S. and European energy companies.

Symantec researcher Vikram Thakur said in an email that much of the contents of Friday's report were previously known within the security community.

Cyber-security firm CrowdStrike said the technical indicators described in the report suggested the attacks were the work of a hacking group it calls Berserk Bear, which is affiliated with the Russian Federation and has targeted the energy, financial and transportation industries.

"We have not observed any destructive action by this actor," CrowdStrike Vice President Adam Meyers said in an email.

_________________
Matthew Paul Malloy
Veteran: USAR, USA, IAANG.

Dragon Savers!
Golden Dragons!
Tropic Lightning!
Duty! Honor! Country!


Share on FacebookShare on TwitterShare on TumblrShare on Google+
Top
 Profile  
Reply with quote  
Display posts from previous:  Sort by  
Post new topic Reply to topic  [ 1 post ] 

All times are UTC - 6 hours [ DST ]


Who is online

Users browsing this forum: No registered users and 2 guests


You cannot post new topics in this forum
You cannot reply to topics in this forum
You cannot edit your posts in this forum
You cannot delete your posts in this forum

Search for:
Jump to:  
Powered by phpBB® Forum Software © phpBB Group