Sophisticated hackers are now targeting energy and industrial firms – the latest sign that cyber attacks present an increasing threat to the power industry and other public infrastructure.
In view of this threat, the United States government recently issued a rare public warning that these hackers had breached certain networks.
Nuclear, Energy, Aviation, Water & Critical Manufacturing Have Been Targeted
In a report distributed via e-mail, the US Department of Homeland Security and Federal Bureau of Investigation warned that the nuclear, energy, aviation, water and critical manufacturing industries have been targeted along with government entities in attacks dating back to at least May.
The agencies warned that hackers had succeeded in compromising some targeted networks, but did not identify specific victims or describe any cases of sabotage.
The report said the objective of the attackers’ was to compromise organisational networks with malicious e-mails and tainted websites to obtain credentials for accessing computer networks of their targets.
Remain Vigilant for New Threats
The US authorities have been monitoring the activity for months, which they initially detailed in a confidential June report.
That document which was privately distributed to firms at risk of attacks, described a narrower set of activity focusing on the nuclear, energy and critical manufacturing sectors.
The Department of Homeland Security declined to elaborate on the information in the report or say what prompted the government to go public with the information now.
“The technical alert provides recommendations to prevent and mitigate malicious cyber activity targeting multiple sectors and reiterates our commitment to remain vigilant for new threats,” it said.
Security researchers said the report described an escalation in targeting of infrastructure in Europe and the US that had been noted in recent reports from private firms, including Symantec.
The FBI declined to comment on the report.
“This is very aggressive activity,” said Robert Lee, an expert in securing industrial networks.
Cyber security firm CrowdStrike said the technical indicators described in the report suggested the attacks were the work of a hacking group it calls Berserk Bear, which is affiliated with the Russian Federation and has targeted the energy, financial and transportation industries.