Security Firms Tie Russian Government to Utilities Hacks

[InfoSec News <alerts () infosecnews org>]

http://www.bloomberg.com/politics/articles/2014-10-30/security-firms-tie-russian-government-to-utilities-hacks

By Michael A. Riley and Jordan Robertson
Bloomberg.com
October 23, 2014

North American utilities are scouring their systems for signs of Russian 
malware that the U.S. government has warned could give hackers control of 
water treatment facilities and parts of the electrical grid.

The U.S. Department of Homeland Security issued alerts about digital 
attacks on utility computer systems on Oct. 8, Oct. 17 and Oct. 28. The 
agency didn’t identify the country behind the hacks, but cybersecurity 
firms yesterday connected them to Russia. The firms have cautioned in 
recent reports that cyberspying by Russia is on the rise, and a recent 
breach of an unclassified White House computer system was linked to the 
Russian government or criminal hackers.

The DHS alerts said malware called BlackEnergy was used to access to 
human-machine interfaces, systems utility operators use to control 
critical functions. U.S. investigators haven’t detected attempts to modify 
or damage those systems, according to the Oct. 28 warning, suggesting that 
infiltrators were trying to gain control for later use.

“The targets are specialized systems that aren’t good sources of 
intelligence collection,” said John Hultquist, senior manager for cyber 
espionage threat intelligence at Dallas-based iSight Partners. “These are 
the precursors of potential offensive operations.”

[...]

--
Evident.io - Continuous Cloud Security for AWS.
Identify and mitigate risks in 5 minutes or less.
Sign up for a free trial @ https://evident.io/