U.S. Infrastructure Vulnerable to Russia (and Others)?

Faybert

Jan 8, 2017
The U.S. Cyber Emergency Response Team (US-CERT) issued an alert March 15, “Russian Government Cyber Activity Targeting Energy and Other Critical Infrastructure Sectors” – Alert TA18-074A. It wasn’t necessarily an ah-ha moment for those in the information security profession, but the level of detail provided within the alert served to goose Main Street USA and garnered their seemingly undivided attention (even if only for one 24-hour news cycle). The Russians have been busy in the realm of espionage.

The US-CERT’s alert detailed how over the period of the past two years the Russians have been systematically coming at the U.S. energy sector, both providers and suppliers. Their efforts, according to the Department of Homeland Security (DHS) and the Federal Bureau of Investigation (FBI), were focused on making a beachhead with trusted third-party suppliers with “less secure networks” and then pivoting to exploit the trusted access between the trusted supplier and the intended target—in this case, energy suppliers.

In a nutshell, the US-CERT points to three areas of primary concern:
  • Domain Controllers
  • File Servers
  • Email Servers
“After obtaining access, the Russian government cyber actors conducted network reconnaissance, moved laterally, and collected information pertaining to Industrial Control Systems (ICS),” according to the alert.
....
....
History Shows, Turnabout is Fair Play, or, The Best Defense is a Good Offense
While we don’t know how the United States may be engaged in leveling the playing field today, we do know that they may be somewhat hamstrung, given the theft of the NSA cyber toolkit by Shadow Brokers. We also know success has not been fleeting with respect to targeting Russian communications and energy infrastructure by U.S. intelligence.

These include a gutsy CIA intelligence operation that took place beneath the streets of Moscow in the 1980s and compromised the USSR (Russia) nuclear research secrets between the Krasnaya Pakhra Nuclear Research Institute and the Ministry of Defense. The multiyear operation was compromised separately, by two CIA officers: Aldrich Ames, who shared general information about the operation, and Edward Lee Howard, who upon his defection shared more specific information, allowing the then KGB counterintelligence department to locate the device tapping the defense communications link.

Then there was the instance in which a judo-like move was used by allied intelligence to compromise the Soviet Union’s industrial and energy infrastructure. The information was garnered from the Russian intelligence officer by the French.
.....
.....
 
