Feds warn about foreign government-connected hackers aiming to disrupt vital industrial systems

Apr 13, 2022 | CYBERSCOOP

A joint federal advisory Wednesday says that foreign government-linked hackers are targeting specific industrial processes with tools meant to breach and disrupt them, with one cybersecurity firm noting that the prospective intruders demonstrate an unprecedented “breadth of knowledge” about industrial control systems.

The alert arrives one day after Ukrainian officials and a cyber firm discussed deflecting another ICS-targeting malware that attempted to shut down power in Ukraine. “ICS” is a term that encompasses a number of systems that are especially common in the energy and manufacturing sectors, including a variety known as supervisory control and data acquisition (SCADA).

Cybersecurity company Dragos, which aided in Wednesday’s alert, said it had named the advanced persistent threat (APT) group behind the tools Chernovite, and named the tools themselves Pipedream. Dragos said one potential use of the tools would be to disable an emergency shutdown system.

The Department of Energy, the Department of Homeland Security’s Cybersecurity and Infrastructure Security Agency, the FBI and the National Security Agency joined on the Wednesday alert.

“By compromising and maintaining full system access to ICS/SCADA devices, APT actors could elevate privileges, move laterally within an OT environment, and

Read More: https://www.cyberscoop.com/cisa-doe-fbi-nsa-pipedream-chernovite-ics/