October 23, 2017 by

US Govt Warns Energy, Aviation Companies of Cybersecurity Threats

The US government has reportedly issued a rare public warning about targeted hacking campaigns focused on energy and other critical public infrastructure in the country.

In a reported distributed via email on Friday, both the Department of Homeland Security (DHS) and the Federal Bureau of Investigation (FBI) warned that energy, aviation, water, nuclear and other critical manufacturing industries have been targeted alongside government entities in attacks going back to May.

According to the authorities, the hackers’ objectives is to bombard and compromise organizational networks with malware-laden emails and tainted websites to farm credentials for computer networks of their targets. Further, they warned that hackers had successfully compromised ‘some’ targeted networks without revealing any details of the victims.

According to Reuters, the government has been monitoring the activity for months and released a confidential report back in June which was privately distributed to firms at the risk of hackers’ attacks.

A cybersecurity expert who secures industrial networks said the report specifically describes activities from two or three hacking groups using stolen credentials to spy on organizations in the United States and elsewhere. Robert Lee, the chief executive of cybersecurity firm Dragos said the report also suggests the groups could be working on behalf the Russian government. Other cybercriminal groups targeting critical infrastructure that appears to be working on behalf of other countries including Iran, North Korea and China.

The report also revealed hackers have successfully infiltrated a number of targets including at least one energy generator before conducting reconnaissance on their networks. At least six technical documents in the report described malware deployed in the attacks.

The report suggests that the Department of Homeland Security “has confidence that this campaign is still ongoing and threat actors are actively pursuing their objectives over a long-term campaign.”

Image credit: Flickr.

About the author

Image of Author

LIFARS is a digital forensics and cybersecurity intelligence firm based in New York City. LIFARS is ranked as one of the top Digital Forensics and Cyber Investigations companies in 2016 and as one of the top cybersecurity companies in the New York metropolitan area for 2015 on the Cybersecurity 500 – a directory of the hottest and most innovative companies to watch in the cybersecurity industry.

Related articles

US Homeland Security Team Remotely Hacked a Boeing 757

A Department of Homeland Security (DHS) official has admitted that he and a team of experts remotely...

Read more arrow_forward

Android, Linux Vulnerabilities Dominate the US-CERT Bulletin this Week

The most recent vulnerability summary bulletin by the Department of Homeland Security’s US-CERT...

Read more arrow_forward

The FBI’s Cyber Action Team is Investigating the WannaCry Ransomware

The sweeping global ransomware menace led by WannaCry and its many variants is being investigated by...

Read more arrow_forward