Cyberattacks targeting U.S. energy and industrial firms are increasing, prompting the U.S. government to issue a public warning about the potential threat.
According to a news report in Reuters, in a rare move, the Department of Homeland Security and the Federal Bureau of Investigation (FBI) warned that sophisticated hackers are targeting nuclear, energy, aviation, water and critical manufacturing industries, as well as government entities.
The cyberattacks date back to May, but could go back even further. The goal of the hackers was to use malicious emails and websites to obtain credentials in order to access the computer networks. The hackers were able to compromise some of the targets, but the government wouldn’t provide information about any specific incidents. Authorities have been monitoring the activity for months now, noted Reuters, citing a confidential report that was distributed to firms that were determined to be at risk of an attack. The report provided information on activities that targeted nuclear energy and critical manufacturing sectors.
Department of Homeland Security spokesman Scott McConnell declined to tell Reuters what prompted the current government cybersecurity warning.
“The technical alert provides recommendations to prevent and mitigate malicious cyberactivity targeting multiple sectors and reiterated our commitment to remain vigilant for new threats,” he said in the report. The FBI declined to comment.
Reuters cited cybersecurity researchers as saying the document detailed an increase in the targeting of infrastructure in Europe and the United States. It also said that Homeland Security “has confidence that this campaign is still ongoing, and threat actors are actively pursuing their objectives over a long-term campaign."
Robert Lee, a security expert and chief executive of cybersecurity firm Dragos, told Reuters the move on the part of the government is aggressive. He said it appears to be the work of hackers employed by the Russian government, but declined to elaborate. The company is also monitoring other groups targeting infrastructure that appear to be tied to China, Iran and North Korea, the executive told Reuters.