
FBI and DHS blame Russia for cyberattacks on critical US infrastructure

By midian182 · 17 replies
Mar 16, 2018
  1. The Department of Homeland Security (DHS) and the FBI have announced that hackers working at the behest of the Russian government are behind a campaign of cyberattacks against American infrastructure. The agencies’ report reveals that multiple attempts to compromise government entities and energy, nuclear, commercial, water, aviation, and critical manufacturing sectors have been taking place since at least March 2016.

    Last September, security firm Symantec warned of a resurgence in energy sector attacks by a group of Kremlin-backed hackers known collectively as Dragonfly. Symantec and a few other researchers in 2014 exposed some of their activities, forcing them into a “quiet period.” The DHS and FBI wrote that the company's report “provides additional information about this ongoing campaign.”

    Today’s alert reveals that the cyberattacks targeted two types of entities: staging and intended targets. The initial victims are organizations linked to the hackers’ primary targets, such as third-party suppliers who have less secure networks. These are used to plant malware and conduct spear phishing campaigns as a means of infiltrating the energy sector networks.

    "After obtaining access, the Russian government cyber actors conducted network reconnaissance, moved laterally and collected information pertaining to industrial control systems," reads the report.

    The alert did not name the companies targeted, but it does reveal that they are “small commercial facilities,” some of which are highly vulnerable as they still run older systems. It’s unclear how close the hackers came to gaining control of the systems, and whether the attacks are still ongoing.

    The report arrived on the same day that the Treasury Department imposed sanctions against five Russian entities, including the notorious Internet Research Agency, and 19 individuals for attempting to interfere in the 2016 US election and their involvement in a number of cyberattacks, including the NotPetya ransomware incident.


  2. regiq

    regiq TS Addict Posts: 203   +80

    Putin needs an "outside threat" to consolidate his electorate. West reactions to Russian provocations give him just that.
    People who rule Russia never accepted the break-up of Soviet Union.
    Putin's unofficial biography is a thrilling read.
  3. seefizzle

    seefizzle TS Evangelist Posts: 408   +283

    No collusion. You're collusion.
  4. regiq

    regiq TS Addict Posts: 203   +80

    Thanks, I've gotten to know a new English word. And a big political background.
  5. jwdR1

    jwdR1 TS Enthusiast Posts: 40   +29

    Dumb question time, now that we know that the intelligence agencies have the ability to hack systems and make it look like someone else did it, how can we trust anything they announce like this?

    They could just as easily be planting evidence to push an agenda.

    Yea, I have a tin hat or two.
    wiyosaya likes this.
  6. Uncle Al

    Uncle Al TS Evangelist Posts: 4,866   +3,311

    There was a time when our CIA was very adept at solving these problems .....
  7. regiq

    regiq TS Addict Posts: 203   +80

    Too much reliance on new technology, focus on fund raising and outsourcing could be the reasons, at least that's what comes to mind after watching "A Good American" http://agoodamerican.org/
    Russian agencies do it differently.
  8. Gotta hate geopolitics
  9. seefizzle

    seefizzle TS Evangelist Posts: 408   +283

    There are other ways to corroborate evidence of hacking origins. It's not just "hey look it's coming from a Russian IP address it must be Russians". There are numerous IT forensics involved.
  10. mbrowne5061

    mbrowne5061 TS Evangelist Posts: 1,124   +601

    Yeah, it's pretty much a safe bet these days that if you see a sophisticated attack originating from an IP address with a known country associated to it, then it is pretty much guaranteed that the attacker is not based in that particular country.

    You'll also never hear about CIA/NSA cyber exploits in Russia or China, because even if the Russians or Chinese are aware of them, they'll never publicly disclose them - just to save face. Their governments need to appear impervious to outside meddling in order to remain stable. It's the Achilles heel of xenophobia-based policies.
    regiq likes this.
  11. wiyosaya

    wiyosaya TS Evangelist Posts: 3,425   +1,824

    As I see it, that is the trouble. Even with verifiable forensics, I am not so sure that I trust the FBI or the DHS since 45 came into office.
  12. Avenger001

    Avenger001 TS Booster Posts: 54   +41

    All this stuff is called manufacturing consent so that the population will support actions taken against Russia; as well as to justify increasing the already ridiculous military budget.
    Last edited: Mar 16, 2018
    Atomic Nixon likes this.
  13. kapital98

    kapital98 TS Maniac Posts: 315   +243

    The career agents at the FBI and CIA are largely apolitical. The new director of the FBI has also seemed largely apolitical given the circumstances (though the CIA has been extremely political -- though that may change with a new director). Also, the other agencies involved in intelligence (like the NSA) have remained largely apolitical.

    We shouldn't be too worried by the findings of the intelligence community. We should be extremely worried if cabinet members and executive branch are not using their information to make informed decisions and preparing ourselves against these attacks.
    dirtyferret likes this.
  14. Kashim

    Kashim TS Booster Posts: 67   +45

    No puppet. You're the puppet!
  15. Atomic Nixon

    Atomic Nixon TS Rookie

    Listen to McAfee who was saying long before the Vault 7 release.... "If it looks like Russia, IT'S NOT RUSSIA!". Oh wait, can't listen to that because he was on RT at the time with Larry King and what the hell is he doing there? Isn't it weird how all the people you used to think had some journalistic integrity have been fired and all seem to have skipped over there? Fortunately we've got Rachel Maddow to tell us what's really happening and for only $13,000 a week.

    America is going to happily march off a cliff and take the rest of us along for the ride because they don't know Hacking 101. They sure think they do though. Could I borrow one of those hats of yours? My implant itches something fierce when I think.
  16. Atomic Nixon

    Atomic Nixon TS Rookie

    What's really horrifying is that there's reasonable skepticism here and honest debate, but everywhere else it's screeching weasels and jingoistic patriotism. Those of us in the know are far too small a demographic and "they" are exploiting the hell out of it.
  17. Atomic Nixon

    Atomic Nixon TS Rookie

    Yes, but you'll never hear about anything that conflicts with their narrative. How many people know for instance that the IP address that Crowdstrike uses as their smoking gun was from a C and C server that was taken down a year before the DNC "hack"? Why would they hard-code a known dead IP address into their malware? Just stupid that way? Compile times were all just five days before they announced the "hack" as well.
  18. jwdR1

    jwdR1 TS Enthusiast Posts: 40   +29

    And you really think their tools don't take that into account?
