Source: Security Now
25 Jul 2018

An ongoing campaign by Russian-based groups that targets the Industrial Control Systems (ICS) of US-based utilities has shown the continuing weaknesses of this infrastructure used to protect critical infrastructure, and why a new security approach is needed.

The latest sign that ICS security needs to be rethought and revamped is a Wall Street Journalarticle that details a year-long campaign to infiltrate US utilities by a Russian-backed group alternatively called Dragonfly or Energetic Bear.

What’s more disturbing is this state-sponsored group penetrated so-called “air-gapped” networks, which are supposed to be isolated from the publicly available Internet. However, research has previously shown ways to bypass these defenses. (See A New, Invisible Threat Jumps the Air Gap.)

These newly discovered attacks are prompting the US Department of Homeland Security to issue new warnings about ICS. This adds to previously notices from the FBI and the US Computer Emergency Readiness Team (US-CERT). (See FBI & DHS Accuse Russia of Hacking Critical Infrastructure.)

Read Full Article