Monday, December 28, 2015 by usafeaturesmedia
(Cyberwar.news) American intelligence has identified a Russian firm with ties to Moscow’s government that has searched for vulnerabilities in U.S. financial, power and other critical infrastructure, the Washington Times reported last week.
The relationship between the company, which has close ties to Russia’s Federal Security Service or FSB, as it is known, “has heightened fears among U.S. cyberintelligence officials that Moscow is stepping up covert efforts to infiltrate computer networks that control critical U.S. infrastructure such as oil and gas pipelines and transportation,” the Times reported.
The efforts appear to be part of a broader strategic cyber-reconnaissance effort on behalf of the Russian military, in what the Pentagon believes is preparation for future cyberattacks during any potential conflict. The Russian firm is also in the process of opening a branch office in the United States as part of its intelligence-gathering mission, officials familiar with the effort told the Times on condition of anonymity.
U.S. officials did not identify the company by name, the Times noted. But cyber security officials are covertly warning government security officials and industry cybersecurity managers about the Russian firm and its plan to operate in the U.S.
The Russian company possesses extensive technical experience in finding cybersecurity vulnerabilities in control and data acquisition systems that are used to remotely control critical infrastructure.
Such systems are used by government and private sector system controllers for operating equipment used in water treatment and distribution, wastewater collection and treatment, oil and gas pipelines, electric grids, wind farms and large communications systems, the Times noted.
Director of National Intelligence James Clapper told Congress in September that Russian hackers have found their way into U.S. industrial control networks for critical infrastructure, as Cyberwar.news reported. Their mission is to develop the capacity to access critical U.S. systems remotely that “might be quickly exploited for disruption if an adversary’s intent became hostile,” Clapper testified.
“Unknown Russian actors successfully compromised the product-supply chains of at least three [industrial control system] vendors so that customers downloaded malicious software designed to facilitate exploitation directly from the vendors’ websites along with legitimate software updates,” Clapper in Sept. 10 testimony to the House Permanent Select Committee on Intelligence.
What is not said is that it is highly likely that hackers working on behalf of the U.S. government have also managed to penetrate critical infrastructure in Russia, as well as China, making any effort to destroy one another’s infrastructure a mutually disruptive endeavor.