It may be quiet now, but no one should be lulled into complacency. Experts believe a huge cyber attack is around the corner.

The Cybersecurity and Infrastructure Security Agency (CISA), along with the FBI and the U.S. Department of Energy, published a joint cyber advisory on March 24, 2022, highlighting intrusion campaigns targeting energy organizations conducted by indicted Russian state-sponsored cyber actors from 2011 to 2018.

While this advisory documents past cyber activity, these agencies believe that state-sponsored Russian cyber operations continue to pose a serious threat to U.S. energy sector networks.

Take Action Now

The U.S. energy sector and critical infrastructure organizations are strongly urged to prepare. It’s estimated that more than 60% of the time, attacks don’t involve malware. Hackers can use stolen credentials or other simple methods to enter weakly protected networks. Actions that IT managers can take now include:

  • Implementing robust network segmentation between information technology and industrial control systems (ICS) networks
  • Enforcing multifactor authentication
  • Clamping down on the creation, modification, use, and permissions associated with privileged accounts

Some infrastructure, like water purification and power plants, relies on older technology that wasn’t originally designed for network connectivity. This makes it easier for Russian hackers to go after embedded systems in industrial equipment. Utilities are great targets for hackers. Shutting down a power grid can paralyze a region, and these bad actors want to do physical damage in the real world.

2017 NotPetya Cyber Attack

To understand why the U.S. government is so anxious about Russian cyber threats, it’s important to revisit a 2017 hacking incident that received little attention.

NotPetya is malware used by Russian military hackers to attack Ukraine. Its impact went far beyond the intended target. The malware was uploaded as an update to a Ukrainian tax preparation program and spread rapidly from there. Multinational companies were hit, and damage from this attack exceeded $10 billion. In 2019, Fred Smith, the CEO of FedEx, called NotPetya “the largest single attack by a state-sponsored entity in the history of the world.” It could easily happen again.

The federal government is concerned about the energy sector because of older infrastructure, but all organizations should do everything possible to protect their data and IT systems.

If you fail to plan, you are planning to fail. Stay informed. For updates from CISA on potential Russian government cyber attacks for all sectors, visit: https://www.cisa.gov/shields-up
