President Trump’s administration recently announced a series of new sanctions against the Russian government over its alleged meddling in the 2016 presidential election and numerous hacking attempts. The announcement coincided with a joint statement of condemnation over Russia’s apparent attempt to poison a former spy turned information in London by the British, French, and American governments. It also corresponded with a Homeland Security and FBI report indicating that Russian hackers had launched a “multi-stage intrusion campaign” against the U.S. energy grid and infrastructure.
According to a new report by the U.S. Computer Emergency Readiness Team, or CERT, “Russian government cyber actors” have “compromised victim networks” via “a multi-stage intrusion campaign.” Said campaign “targeted small commercial facilities’ networks where they staged malware, conducted spear phishing, and gained remote access into energy sector networks.” If and when they gained access, the hackers “conducted network reconnaissance, moved laterally, and collected information.” The report provided no specifics about the targets, but did note they were “multiple organizations in the energy, nuclear, water, aviation, construction, and critical manufacturing sectors.”
Interestingly, in addition to announcing the new sanctions against Russia and several affiliated individuals, the White House also revealed that they were a response to “a previously undisclosed attempt to penetrate the American energy grid.” As Treasury Secretary Steven Mnuchin put it in his statement, “The administration is confronting and countering malign Russian cyberactivity, including their attempted interference in U.S. elections, destructive cyberattacks, and intrusions targeting critical infrastructure.”