US Data Systems Under Attack

This post is also available in: עברית (Hebrew)

The US government has recently issued a rare public warning about hacking campaigns targeting energy and industrial firms. The Department of Homeland Security and Federal Bureau of Investigation warned in a report distributed via email, that the nuclear, energy, aviation, water and critical manufacturing industries have been targeted along with government entities in attacks dating back to at least May. The agencies warned that hackers had succeeded in compromising some targeted networks, but did not identify specific victims or describe any cases of sabotage.

According to alarabiya.net, the goal of the attackers is to compromise organizational networks with malicious emails and tainted websites to obtain credentials for accessing computer networks of their targets. US authorities have been monitoring the activity for months, which they initially detailed in a confidential June report. That document, which was privately distributed to firms at risk of attacks, described a narrow set of activity focusing on the nuclear, energy and critical manufacturing sectors. Department of Homeland Security spokesman Scott McConnell declined to elaborate on the information in the report or say what prompted the government to go public with the information at this time. “The technical alert provides recommendations to prevent and mitigate malicious cyber activity targeting multiple sectors and reiterated our commitment to remain vigilant for new threats,” he said.

Robert Lee, an expert in securing industrial networks, said the report appears to describe groups working in the interests of the Russian government, though he declined to elaborate.

The hacking described in the government report is unlikely to result in dramatic attacks in the near term, Lee said, but he added that it is still troubling: “We don’t want our adversaries learning enough to be able to do things that are disruptive later.”