Tag: Playing | Page 2

Cyber Security Playing Greater Role In Energy Companies’ Digital Transformation

March 27, 2021/in Computer Security

As U.S. oil and gas operations and electric power systems increasingly turn to digital, cloud-based solutions to help operate their oilfields and generation plants, executives are becoming increasingly concerned about the need for cybersecurity to harden their defenses against hackers and bad actors seeking to damage or even shut down those systems.

A rash of recent cyber security breaches highlights the vulnerability of even the country’s most critical systems to cyber mischief. In the SolarWinds scandal uncovered last year, officials uncovered cyberattacks that had taken place against numerous U.S. government agencies and thousands of public and private-sector entities around the world.

More recently, in February the operator of a water-treatment plant in west-central Florida uncovered a potentially dangerous intrusion that had occurred on the plant’s computer system. The hacker or hackers set the levels of sodium hydroxide, a potentially dangerous chemical, to increase by more than 100 times the normal levels. The operator returned the chemical levels to their correct proportions and avoided a potential health disaster.

A recent report by MIT Technology Review, prepared in partnership with Siemens Energy finds that the digital transformation that the oil and gas industry is currently undergoing has brought with it both operational benefits as well as cybersecurity vulnerabilities.

Oil and gas companies are “collecting and analyzing data, connecting equipment to the internet of things and tapping cutting-edge technologies to improve planning and increase profits, as well as to detect and mitigate threats,” the report states. “At the same time, the industry’s collective digital transformation is widening the surface for cybercriminals to attack.”

Federal officials also are beginning to recognize the need to bolster the cyber-security defenses of critical infrastructure. In the House’s new $312 billion infrastructure bill, supported by President Biden, about $3.5 billion has been earmarked for improving the cyber-security of the electric grid.

Such hardening of the grid’s defenses against cyber intrusion is desperately needed, according to Tom Siebel, the…

Source…

Opinion | With Hacking, the United States Needs to Stop Playing the Victim

December 24, 2020/in Computer Security

As solid as the U.S. cyberoffense is, the defense leaves much to be desired, richly demonstrated by the litany of digital disasters, including the hacks of SolarWinds, the Office of Personnel Management, Equifax and Sony. The reality is that the U.S. government and private companies both underinvest in cybersecurity. Effective defense is a collective effort, but agencies and companies are often clueless and defenseless when it comes to countering the intrusions of countries like Russia, China or Iran.

In recent years, there have been suggestions that the United States might explore international agreements by which nations would agree to put constraints on cyberwarfare and espionage. But this idea isn’t really taken seriously. There’s a sense that rules are written by those with the biggest guns — that is Washington — can unilaterally impose global cyberorder.

The SolarWinds hack lays waste to that notion. Confidence that the United States possesses a monopoly on cyberweapons borders on hubris. Even though federal agencies do possess some of the greatest cyberespionage and warfare tools and talent on the planet, the playing field is disturbingly even.

Unlike nuclear weapons, or even sophisticated conventional arms, powerful cyberweapons are cheap to produce, proliferate with alarming speed and have no regard for borders. Unable to match the United States in military spending, Russia, China, Iran and even North Korea view cybertools as a great equalizer. Why? Because the United States is singularly vulnerable to cyberattack: America is more reliant on financial, commercial and government networks than our adversaries, and, at the same time, our systems are frighteningly open and vulnerable to attack. American networks represent targets for our adversaries that are simply too soft, juicy and valuable to resist.

So, does the United States give up and do nothing? Of course not.

First, the United States should recognize that it has entered an age of perpetual cyberconflict. Unlike conventional wars, we cannot end this fight by withdrawing troops from the battlefield. For the indefinite future, our adversaries, large and small, will test our defenses, attack our networks and steal…

Source…

The Russian Hackers Playing ‘Chekhov’s Gun’ with U.S. Infrastructure – Homeland Security Today

November 6, 2020/in Computer Security

Over the last half a decade, Russian state-sponsored hackers have triggered blackouts in Ukraine, released history’s most destructive computer worm, and stolen and leaked emails from Democratic targets in an effort to help elect Donald Trump. In that same stretch, one particular group of Kremlin-controlled hackers has gained a reputation for a very different habit: walking right up to the edge of cybersabotage—sometimes with hands-on-the-switches access to US critical infrastructure—and stopping just short.

Last week the Department of Homeland Security’s Cybersecurity and Infrastructure Security Agency published an advisory warning that a group known as Berserk Bear—or alternately Energetic Bear, TEMP.Isotope, and Dragonfly—had carried out a broad hacking campaign against US state, local, territorial, and tribal government agencies, as well as aviation sector targets. The hackers breached the networks of at least two of those victims. The news of those intrusions, which was reported earlier last week by the news outlet Cyberscoop, presents the troubling but unconfirmed possibility that Russia may be laying the groundwork to disrupt the 2020 election with its access to election-adjacent local government IT systems.

In the context of Berserk Bear’s long history of US intrusions, though, it’s much harder to gauge the actual threat it poses. Since as early as 2012, cybersecurity researchers have been shocked to repeatedly find the group’s fingerprints deep inside infrastructure around the globe, from electric distribution utilities to nuclear power plants.

The Russian Hackers Playing ‘Chekhov’s Gun’ With US Infrastructure

October 27, 2020/in Computer Security

In 2017, Symantec discovered the same hackers carrying out a more targeted set of attacks against US energy sector targets. At the time, the security researchers described it as a “handful” of victims, but Thakur now says they numbered in the dozens, ranging from coal mining operations to electric utilities. In some cases, Symantec found, the hackers had gone so far as to screenshot control panels of circuit breakers, a sign that their reconnaissance efforts had gone deep enough that they could have started “flipping switches” at will—likely enough to cause some sort of disruption if not necessarily a sustained blackout. But again, the hackers appear not to have taken full advantage. “We did not see them turning off the lights anywhere,” he says.

Six months later, in February of 2018, the FBI and DHS would warn that the hacking campaign—which they named Palmetto Fusion—had been carried out by Russian state-sponsored hackers, and also confirmed reports that the hackers’ victims had included at least one nuclear power generation facility. The hackers had gained access only to the utility’s IT network, though, not its far more sensitive industrial control systems.

Going Berserk

Today Berserk Bear is widely suspected of working in the service of Russia’s FSB internal intelligence agency, the successor to the Soviet-era KGB. CrowdStrike’s Meyers says the company’s analysts have come to that conclusion with “pretty decent confidence,” due in part to evidence that aside from its foreign infrastructure hacking, Berserk Bear has also periodically targeted domestic Russian entities and individuals, including political dissidents and potential subjects of law enforcement and counterterrorism investigation, all in line with the FSB’s mission.

That’s a contrast with other widely reported state-sponsored Russian hacking groups Fancy Bear and Sandworm, who have been identified as members of Russia’s GRU military intelligence agency. Fancy Bear hackers were indicted in 2018 for breaching the Democratic National Committee and the Clinton campaign in a hack-and-leak operation designed to interfere with the 2016 US presidential election. Six alleged members of Sandworm were indicted by the US…

Source…

Tag Archive for: Playing