Officials from the Department of Homeland Security and Federal Bureau of Investigation released information that Russian hackers have been targeting power sources, water processing plants and aviation facilities since 2016. News reports have surfaced that Russian hackers breached more than a dozen power plants in at least seven states.
The Department of Homeland Security’s statement read as follows:
“Since at least March 2016, Russian government cyber actors have targeted government entities and multiple U.S. critical infrastructure sectors including those of energy, nuclear, water and aviation.”
Energy Secretary Rick Perry further added that, “Cyber-attacks are literally happening hundreds and thousands of times a day. The warfare that goes on in the cyberspace is real; it’s serious, and we must lead the world.”
U.S. government officials including those from the FBI believe the hackers initially breached suppliers and third-party vendors before moving from these networks to their actual targets.
The report disclosed that the Russian hackers most likely focused their phishing activities on small commercial facilities’ networks in order to gain access into the energy sector networks.
Another tactic used by the Russian hackers was to plant malicious content on select informational websites. They did this in order to gain security credentials they could use to retrieve more information and deeper access.
Once the Russian hackers successfully gained access, they would conduct “network reconnaissance” and implement courses of action that would corrupt the systems and open the networks to their control.
Cyber-security firm Symantec released a report in October 2017 that linked the series of attacks to a group with the code name Dragonfly. Symantec indicated in its report that it had found evidence of a critical breach in network facilities not just in the U.S. but also in Turkey and Switzerland.
Symantec traced the origin of the attacks as far back as 2011, when Dragonfly allegedly hacked several companies, including those engaged in the development of chemical compounds, and their networking systems. The group had used the stolen information to launch an aggressive wave of attacks on industrial control systems. Were those systems compromised, millions of Americans would have no power or water.
Senator Maria Cantwell, a Democrat, said the recent disclosures should shift more focus to finding ways to defend U.S. infrastructure from further attacks:
“I hope today’s belated response is the first step in a robust and aggressive strategy to protect our critical infrastructure.”