HYBRID WAR. Russian special services attack computer networks of US authorities
The Department of Homeland Security and the Agency for Cyber and Infrastructure Security warned of the identification of hacker attacks aimed at US government systems, as well as servers associated with the aviation industry. The Hill writes about this with reference to a joint statement by these departments.
The Russian intelligence hacker group, known as Energetic Bear, has attacked state, local and territorial networks since September and seized data from at least two servers, including those associated with the aviation industry. According to the publication, this hacker group was involved in attacks on oil and gas companies in 2014, as well as in the recent attack on the San Francisco airport.
US intelligence agencies have warned that in at least one attack, a hacking group of Russian intelligence services obtained passwords, IT instructions, information on purchases and sales and other data.
The newspaper notes that “to date, there is no evidence that the integrity of the election data was compromised, but the attacks posed a threat to some of the election data stored on the networks of the state, local and territorial level.”
US intelligence agencies are also investigating the question of whether hackers could deliberately disrupt the operation of aviation systems, systems related to education, elections or the work of government bodies.
The publication draws attention to the fact that this information appeared the next day after the US authorities announced that Russia and Iran had access to information about the elections for further interference in their course.
Washington switched to a more active form of confrontation with Russia in cyberspace after the Ministry of Homeland Security and the FBI for several years signaled to the country’s leadership about the threats from Russia.
According to intelligence agencies, Russian intelligence agencies have placed malware in the infrastructure of American power plants, oil and gas pipelines and water supply facilities in order to organize large-scale sabotage in the event of a conflict with the United States.
The events of 2015 caused great alarm in the White House. Then the Russian special services organized a blackout in western Ukraine, depriving hundreds of thousands of people of access to electricity for several hours. Investigations revealed that the attack was organized by the same hacker groups Energetic Bear and Dragonfly that infiltrated US power grids.
And at the end of 2015, another group of Russian GRU hackers became more active, who began to look for vulnerabilities in US nuclear power plants. In 2016, these same hackers attempted to take control of power outages at U.S. factories.
In early 2018, Americans concluded that Russia was responsible for “the most devastating cyber attack in human history,” which paralyzed most of Ukraine and damaged American companies, including Merck and FedEx.
In the summer of 2018, it became known that the Pentagon expanded the powers of the cyber command of the US Armed Forces and allowed representatives of the unit to carry out “hacker raids on foreign networks to prevent cyber attacks.” Director of the National Security Agency, Cyber Command Commander Paul Nakasone has created a special team to “eliminate Russian threats in cyberspace.”
At the end of September this year, Microsoft blamed Russia for more than half of the state-sanctioned cyberattacks recorded by Microsoft specialists from July 2019 to June 2020.
According to Microsoft, almost 90% of attacks originated from Russia (52%), Iran (25%) and China (12%).
CLICK TO DROP YOUR COMMENT