DHS and FBI Warn of Ongoing APT Attack Against Critical Infrastructure

DooKey

A joint technical warning has been issued by the DHS and FBI that government entities and organizations in the energy, nuclear, water, aviation, and critical manufacturing sectors are subject to an ongoing attack campaign from an advanced actor, most probably Dragonfly (aka Crouching Yeti and Energetic Bear). According to Security Week, this new alert may suggest that either an increase in tempo or growing success in Dragonfly's activities may be occurring. Critical infrastructure may not be compromised at this time, but they may be seeking a position for possible action against the critical infrastructure in the future. The fact that both of these departments issued a joint warning is very telling in my opinion. The war for cyber dominance is hot and is getting hotter all the time.

There is no direct indication in this report that critical infrastructure operation technology (OT) networks have been compromised -- but it does state clearly that the IT networks have been breached. “This APT actor's campaign has affected multiple organizations in the energy, nuclear, water, aviation, construction, and critical manufacturing sectors.”
 
Critical infrastructure has no business being on the internet.

It typically isn't. Ultimately, though, the infrastructure is still TCP/IP-based up to the actual controllers, which means it isn't difficult to jump the air gap, as most of these facilities don't have the level of security they should.
 
Be careful with this. Their report is full of legit mail servers, Tor exit nodes, signed PsExec and a whole host of Grizzly Steppe-esque false-positive nonsense.
 
"the war for cyber dominance"
You lost all credibility to me when you used the phrase "cyber dominance". I've only heard people call it cyber when they really have no clue on anything computers.
 