July 11, 2017 by

Energy Secretary: Cyber Threat to American Nuclear Facilities are Real

The FBI and the DHS have issued a joint report alleging that hackers are targeting key installations of United States infrastructure, including power facilities.

Speaking to Fox Business, US Secretary of Energy Rick Perry confirmed the report to be true, stating:

Well, obviously it’s real, it’s ongoing and we shouldn’t be surprised.

The official added that the government was not aware if the attacks were state sponsored, or carried out by individual cyber criminals.

“These different groups, they may be state-sponsored, they may just be people who are criminal elements involved with trying to penetrate into certain areas,” Perry added.

The Department of Energy has the resources and authority to protect America’s energy installations, Perry added. The government, he said, has already been working to bolster the energy grid’s infrastructure from potential cyber threats.

He added:

The Idaho National Lab has a full out grid in Idaho where we work on infesting, if you will, a grid to see…how you detect, how you protect. That’s the goal, that’s the charge we have at the Department of Energy.

Security researchers recently revealed that attackers are turning to a new form of cyberattack, through template injection, to target critical infrastructure including nuclear power plants.

“The attachment instead tries to download a template file over an SMB connection so that the user’s credentials can be silently harvested. In addition, this template file could also potentially be used to download other malicious payloads to the victim’s computer,” researchers from Talos Intelligence wrote.

Unlike phishing attacks, where word documents contain attachments such as a malicious script or a macro, the new attack vector performs an SMB exploit while phishing is handled over HTTPS.

Image credit: Wikimedia.

About the author

Image of Author

LIFARS is the global leader in Digital Forensics and Cyber Resiliency Services. Our experience spans two decades working on high profile events, often in concert with Law Enforcement Agencies around the world. Our proprietary methodology derives directly and indirectly from our experience working with and for U.S. Intelligence Agencies, Interpol, Europol, and NATO. We are solely dedicated to Cyber Resiliency and thus pay close attention to all aspects of our clients’ engagements experience while providing a strategic and integrated array of services to minimum risk and disruption while protecting your brand.

Related articles

UK Cybersecurity Chief Blames Russia for Cyberattacks

The head of the UK GCHQ’s National Cyber Security Centre (NCSC) has accused Russia of staging...

Read more arrow_forward

US Identifies Six Russian Govt Officials Involved in DNC Hack

The US Justice Department has reportedly gathered enough evidence to charge six Russian government...

Read more arrow_forward

Secret Obama-Initiated US Program Targets Cyberstrikes against Russia

 A new report has claimed that former President Barack Obama approved the use of cyber weaponry...

Read more arrow_forward