Owners of energy and industrial firms were notified by the Department of Homeland Security and FBI over the weekend that sophisticated hackers are attempting to penetrate critical infrastructure in the United States.
Officials issued the warning on Friday and again on Saturday, saying that industrial control systems used by the electrical and nuclear power industry, as well as water, aviation, and manufacturing sectors, are all in danger.
“DHS assesses this activity as a multi-stage intrusion campaign by threat actors targeting low security and small networks to gain access and move laterally to networks of major, high-value asset owners within the energy sector,” the notice said.
An analysis reveals that “this campaign is still ongoing, and threat actors are actively pursuing their ultimate objectives over a long-term campaign,” the alert said.
DHS spokesman Scott McConnell said the joint alert “provides recommendations to prevent and mitigate malicious cyber activity targeting multiple sectors” while emphasizing the DHS’ commitment to remain vigilant against new threats to the nation’s infrastructure “from both physical and cyber risks.”
The detailed technical analysis of the cyber campaign illustrates the growing danger of foreign states’ efforts to map networks that control critical infrastructures in preparation for future attacks aimed at shutting down the country’s electric grid and other infrastructures.
In May, Adm. Mike Rogers, Cyber Command commander and director of the National Security Agency, told Congress about the looming danger and fingered several countries, including Iran, “which have conducted disruptions or remote intrusions into critical infrastructure systems in the United States.” He noted that such intrusions may be in preparation for future attacks intended to harm Americans.
A Pentagon report by the Defense Science Board warned that American infrastructure such as the electrical grid will remain vulnerable to cyber attacks from Russia and China for at least 10 years.
“A large-scale cyber attack on civilian critical infrastructure could cause chaos by disrupting the flow of electricity, money, communications, fuel, and water,” the Pentagon board said. “Thus far, we have only seen the virtual tip of the cyber attack iceberg.”
North Korea has also been engaged in targeting critical U.S. infrastructure.
The DHS said the hackers’ campaign “has affected multiple organizations in the energy, nuclear, water, aviation, construction, and critical manufacturing sectors.”