Russia according to the FBI and DHS has attempted to return America to the stone-ages by levying attacks on critical infrastructure. A war between the two Superpowers, Russia and the United States, is not apparent to the average person, except on one front, Cyberspace.
Released on March 15th, 2018 is a report by the Department of Homeland Security and the Federal Bureau of investigations detailing that since roughly March of 2016, Russia has targeted several sectors of American infrastructure, including; energy, nuclear, commercial facilities, water, aviation, and critical manufacturing sectors.
Again, according to the joint task force and detailed in the US-CERT Alert (TA18-074A), Russia utilized several methods to gain access to highly important access control points for crucial infrastructure by means of Cyber Warfare. Some of the attempts made by Russia included; spear-phishing emails (from a compromised legitimate account), watering-hole domains, credential gathering, open-source and network reconnaissance, host-based exploitation, and targeting industrial control system (ICS) infrastructure.
The threats mentioned above were previously reported in October of 2017 by Symantec and were later analyzed by DHS and the FBI in an attempt to reveal the distinct indicators and actors involved. After analyzing the attacks, for the first time, the United States Government, the Trump administration, has formally accused Russia of a “multi-stage intrusion campaign.”
It is clear from the analysis that Russia not only wanted to monitor our critical infrastructure but also wanted to gain control of the systems as well.
Russia was accused of attempting to manipulate the 2016 presidential elections and was found to be utilizing social media to cause division and strife among the American public. However, according to the House Intelligence Committee, there was no collision identified from the Trump administration.
THE HOUSE INTELLIGENCE COMMITTEE HAS, AFTER A 14 MONTH LONG IN-DEPTH INVESTIGATION, FOUND NO EVIDENCE OF COLLUSION OR COORDINATION BETWEEN THE TRUMP CAMPAIGN AND RUSSIA TO INFLUENCE THE 2016 PRESIDENTIAL ELECTION.
— Donald J. Trump (@realDonaldTrump) March 13, 2018
According to Tech Crunch, Russian attackers employed a blend of technical attacks, social engineering and basic online sleuthing. In one instance, the report describes how the hackers downloaded a small image displayed on a target’s public human resources page. By blowing up the photo, the attackers revealed a “high-resolution photo that displayed control systems equipment models and status information in the background” — a considerable oversight and evidence of just how unevenly implemented basic operational security precautions can be in the energy sector.
As of late, Russia is not the only nation attempting to control American resources, just recently the CIA released documentation detailing how China has for decades infiltrated American Institutions through stateside Confucius Institutes.
Large campaigns of social manipulation and cyber-warfare have been waged in recent months against the United States by both Russian and Chinese actors. It appears as though Russia is attempting to infiltrate American infrastructure and China is infiltrating American institutions.
Released information regarding the attacks against American infrastructure detail two categories of intended marks; staging and intended targets. For the initial hack, attackers often infiltrated trusted-third-party suppliers or “small commercial facilities,” because they house less-secure systems, through which the hackers would then attempt to infiltrate directly.
Incredibly, the attacks on both American infrastructure and on American Institutions potentially reveal a deeper motive and or plot to infiltrate American systems jointly and simultaneously by both Russia and China. The question remains, however, are both nations in partnership to bring down American systems?
Is Russia attempting to hack the United States and return us to the stone-ages?
— Nate Brown (@natebro21) March 16, 2018
Taylor Hatmaker. “DHS and FBI detail how Russia is hacking into U.S. nuclear facilities and other critical infrastructure.” Tech Crunch. . (2018): . .
FBI and DHS. “Russian Government Cyber Activity Targeting Energy and Other Critical Infrastructure Sectors.” US-CERT. (TA18-074A).Alert (2018): . .
Threat Intelligence. “Dragonfly: Western energy sector targeted by sophisticated attack group.” Symantec. . (2017): . .
Brian Clark. “It’s official: Russia is targeting critical American infrastructure with ‘malicious cyberattacks’.” TNW. . (2018): . .