WASHINGTON, DC — American authorities have determined that cyber-criminals are actively targeting the U.S. government and private businesses “in the energy, nuclear, water, aviation, and critical manufacturing sectors” on behalf of Russia, a top Department of Homeland Security (DHS) official told lawmakers on Tuesday.
The official noted that the frequency and sophistication of cyber attacks against America have intensified.
During a Senate panel hearing on Tuesday, Jeanette Manfra, the assistant secretary for the Office of Cybersecurity and Communications at DHS’ National Protection and Programs Directorate, told lawmakers in written testimony:
In a series of incidents since at least May of last year, working with U.S. and international partners, DHS and FBI have identified Russian government actors targeting government entities and businesses in the energy, nuclear, water, aviation, and critical manufacturing sectors. DHS assesses that this campaign ultimately collected information pertaining to industrial control systems with the intent to gain access to industrial control systems environments.
Based on our analysis and observed indicators of compromise, DHS has confidence that this campaign is still ongoing, and threat actors are actively pursuing their ultimate long-term campaign objectives. DHS and the FBI continue to conduct incident response related to this activity and have published a joint technical alert to enable network defenders to identify and take action to reduce exposure to this malicious activity.
Eric Rosenbach, a former top Pentagon official who also testified, described Russia, North Korea, Iran, and China as America’s top cyber adversaries.
“These countries also enjoy asymmetric advantages over the United States in cyberspace,” Rosenbach, who now serves as co-director of the Belfer Center for Science and International Affairs at the Harvard Kennedy School, told the Senate Committee on Homeland Security and Governmental Affairs in his written testimony.
Both Manfra and Rosenbach cautioned Senators that threat actors operating on behalf of rival governments like Russia are targeting U.S. national security, infrastructure, public health, economic prosperity, and American democracy as a whole.
The former Pentagon official noted that the risk of Russian cyber adversaries attacking America’s election system and campaign during the 2018 mid-term elections “is very real.”
Despite all the threats, Gregory Wilshusen from the Government Accountability Office (GAO), Congress’ watchdog arm, reported lawmakers that DHS is unable to “ensure that it successfully mitigates cybersecurity risks on federal and private-sector computer systems and networks.”
DHS is charged with improving and promoting cybersecurity.
Manfra testified that cyber threats are one of the top “significant strategic risks” facing the United States, telling Senators:
Americans have seen advanced persistent threat actors, including hackers, cyber criminals, and nation states, increase the frequency and sophistication of these attacks. Our adversaries have been developing and using advanced cyber capabilities to undermine critical infrastructure, target our livelihoods and innovation, steal our national security secrets, and threaten our democracy.
Rosenbach noted that Russian has already carried out potentially catastrophic cyber attacks against U.S. infrastructure.
DHS recently confirmed that Russian military intelligence operatives emplaced the malware used to take down the Ukrainian power grid (twice!) throughout energy infrastructure in the United States…DHS [also] revealed that Russian cyber operatives have compromised major aspects of the Internet’s routing infrastructure A recent White House report by the Council of Economic Advisers predicted that the cost of cybercrime to the US economy is set to top $100 billion annually.
The Trump administration has increased sanctions on Russia over the Kremlin’s cyber attacks.