Russian Meddling, Beyond US Elections

Published 3:11 pm Thursday, December 6, 2018

By JDavid Derosier

Even though we are through the 2018 US elections, we are not done with Russian meddling.

Ukraine

Russian forces shot at and seized three Ukrainian navy vessels in the Black Sea, injuring six crew members, according to reports from Kiev, the Ukrainian capital. This happened on Sunday the 28th of October 2018. As I write this, it was only a week ago!

During the intervening time, the Ukrainian government has declared martial law in parts of the country and canceled the elections scheduled for this month. Another example of Russia meddling in foreign elections. On top of that, Putin is up for election soon and this recent military action was surely timed to help him win votes back home.

In February of 2018, American officials and security firms, including Symantec and CrowdStrike, accused the Russians of cyber-attacks on the Ukrainian power grid that left more than 200,000 citizens there in the dark.

US Energy Sector under attack

The Department of Homeland Security and the Federal Bureau of Investigation said in a joint alert issued in March of 2018 that, for at least three years, Russian-backed computer hackers have been targeting small business facilities to facilitate cyber-attacks on American energy.

As we know here in Southeast Texas, that’s a lot of petrochemical plants. But think in terms of electricity – the entire country produces and delivers electricity to homes and businesses. Imagine if Russia, or any other foreign adversary, could gain control of that network.

Almost continuous attempts have been (and are continuing to be) made with emails containing malware that could be used to then penetrate the bigger networks that the small companies are attached to. These networks have the control systems which operate our energy resources across the United States.

Issued by the US Computer Emergency Readiness Team (CERT), the Alert “provides information on Russian government actions targeting U.S. Government entities as well as organizations in the energy, nuclear, commercial facilities, water, aviation, and critical manufacturing sectors. It also contains indicators of compromise (IOCs) and technical details on the tactics, techniques, and procedures (TTPs) used by Russian government cyber actors on compromised victim networks.”

https://www.us-cert.gov/ncas/alerts/TA18-074A

According to the report, the attacks were not random. To gain access to their victims’ networks, hackers employed well-known techniques in multistep attacks, going after smaller companies’ networks on the way to their primary targets—American power plant computers and networks.

The Alert states that hackers primarily collected information—captured screenshots, recorded details about the computer and saved information about user accounts, most likely burying malicious code for the future, sort of like laying eggs.

The United States government is struggling to come up with proportionate responses to the wide variety of cyber-espionage, vandalism, and outright attacks against us. And that’s just one tiny piece of the cyber-security pie.

If you care about these things, let your representatives in Austin and Washington know about it. Do it now.

David Derosier consults with small business on planning and marketing issues, and provides web design and hosting services through OhainWEB.com, an accredited business with the Better Business Bureau that is rated A+ by BBB. He can be reached at JDAVID@Strategy-Planning.info