The US government has reportedly issued a rare public warning about targeted hacking campaigns focused on energy and other critical public infrastructure in the country.
In a report distributed via email on Friday, both the Department of Homeland Security (DHS) and the Federal Bureau of Investigation (FBI) warned that energy, aviation, water, nuclear and other critical manufacturing industries have been targeted alongside government entities in attacks going back to May.
According to the authorities, the hackers’ objective is to bombard and compromise organizational networks with malware-laden emails and tainted websites in order to farm credentials for the computer networks of their targets. Further, they warned that hackers had successfully compromised ‘some’ targeted networks, without revealing any details of the victims.
According to Reuters, the government has been monitoring the activity for months and released a confidential report back in June, which was privately distributed to firms at risk of attack.
A cybersecurity expert who secures industrial networks said the report specifically describes activities from two or three hacking groups using stolen credentials to spy on organizations in the United States and elsewhere. Robert Lee, the chief executive of cybersecurity firm Dragos, said the report also suggests the groups could be working on behalf of the Russian government. Other cybercriminal groups targeting critical infrastructure appear to be working on behalf of other countries, including Iran, North Korea and China.
The report also revealed hackers have successfully infiltrated a number of targets including at least one energy generator before conducting reconnaissance on their networks. At least six technical documents in the report described malware deployed in the attacks.
The report suggests that the Department of Homeland Security “has confidence that this campaign is still ongoing and threat actors are actively pursuing their objectives over a long-term campaign.”