Security News > 2022 > March > US DoJ reveals Russian supply chain attack targeting energy sector
The United States Department of Justice has unsealed a pair of indictments that detail alleged Russian government hackers' efforts to use supply chain attacks and malware in an attempt to compromise and control critical infrastructure around the world - including at least one nuclear power plant.
The trio allegedly spent 2012 to 2014 working on a project code-named "Dragonfly" during which a supply chain attack targeted updates of industrial control systems and supervisory control and data acquisition systems.
From 2014 to 2017 the crew moved on to "Dragonfly 2.0" and "Transitioned to more targeted compromises that focused on specific energy sector entities and individuals and engineers who worked with ICS/SCADA system."
The DoJ has used the unsealing of the indictments to remind US businesses that they are constantly at risk of cyber attacks, reinforcing White House messaging issued earlier this week about Russia preparing revenge attacks on US targets as reprisal for sanctions imposed in the wake of the Kremlin's illegal invasion of Ukraine.
Of course the US itself has form executing attacks not entirely dissimilar to those described in the indictments.
The Stuxnet worm that rampaged through industrial control systems around the world is widely held to have started life as an American attack on Iran's nuclear capabilities.
News URL
https://go.theregister.com/feed/www.theregister.com/2022/03/25/us_indicts_russian_state_hackers/
Related news
- Microsoft and DOJ disrupt Russian FSB hackers' attack infrastructure (source)
- Hacktivist Group Twelve Targets Russian Entities with Destructive Cyber Attacks (source)
- US proposes ban on Chinese, Russian connected car tech over security fears (source)
- Israel’s Pager Attacks and Supply Chain Vulnerabilities (source)
- US sanctions crypto exchanges used by Russian ransomware gangs (source)
- DOJ, Microsoft seize 107 domains used in Russia's Star Blizzard phishing attacks (source)
- US Government, Microsoft Aim to Disrupt Russian threat actor ‘Star Blizzard’ (source)
- US, UK warn of Russian APT29 hackers targeting Zimbra, TeamCity servers (source)
- Healthcare attacks spread beyond US – just ask India's Star Health (source)
- Supply Chain Attacks Can Exploit Entry Points in Python, npm, and Open-Source Ecosystems (source)