Someone's phishing US nuke power stations. So far, no boom.....
German Federal Security Services are taking this as a serious Russian APT28 warning to the West after their four attacks on the Baltics and Ukraine power grids....they see it as a not so subtle form of escalation....
BTW...the recent again from Russia malware hacking attack against Ukraine focused on power plants, power grid, fuel (gas) stations, and water/natural gas supply infrastructure and anything that basically used a computer...
https://www.theregister.co.uk/2017/0...=1499413546138
Also from the NYT....
https://www.nytimes.com/2017/07/06/t...ck-report.html
BTW....what is not being talked about is that in two US nuclear sites the recent malware attack unleashed on Ukraine actually made it into the business computers of the two nuclear power companies....

Don't panic, but attackers are trying to phish their way into machines in various US power facilities, including nuclear power station operators.
It seems so far whoever is behind the campaign has tried phishing and watering-hole attacks, but hasn't got beyond corporate networks (which in critical infrastructure should be on separate networks from the operational systems).
The New York Times got wind of the intrusion attempts, getting a look at a joint Department of Homeland Security/FBI report.
The money quote from the story appears to be this:
There is no indication that hackers were able to jump from their victims’ computers into the control systems of the facilities, nor is it clear how many facilities were breached.
Spokespeople for one of the targets, the Wolf Creek Nuclear Operating Corporation (in charge of a facility near Burlington in Kansas) said it maintained separate networks for corporate and operations systems, so there was no risk to its power stations.
BUT here is the problem not talked about...the malware contained an LSADump hack tool designed to collect all passwords and domain controllers allowing for later successful hacks unless ALL passwords were immediately changed and ALL domain servers reconfigured....
AND where is again that Trump promised US cyber defense plan he stated would be available in 90 days....nowhere to be seen ...we are now 160 days in and still nothing to be seen AND yet he is worried about alleged voter fraud that happens less than the number of Americans hit yearly by lightning........