The Federal Bureau of Investigation and the Department of Homeland Security issued a joint Technical Alert late last week to warn that Russian government-based hackers are actively targeting U.S. utilities, other critical infrastructure, aviation, manufacturing, and commercial facilities. The alert reports that the Russian hackers are initially obtaining access to suppliers or third-party vendors as “staged targets,” waiting for an opening, and then accessing their ultimate “intended target” utilizing malware and spear phishing techniques. Once the hackers gain access to the intended target, they conduct reconnaissance and collect information on the industrial control systems. The hackers use that information to take control of those systems, allowing them to conduct multiple, simultaneous shutdowns in a coordinated attack to deny necessary services such as electricity and water. These attacks highlight the necessity for third-party and vendor due diligence.
Brad Davis is a legal intern who contributed to this post.