Russia is a relentless, increasingly malicious hacker of everything American, recent threats show.
Last week, the U.S. Treasury Department sanctioned a Russian government research institution linked to the Triton malware, which the Treasury called “the most dangerous threat activity publicly known.”
The hackers, by weaponizing Triton, aim to disable industrial safety systems. “Such systems provide for the safe emergency shutdown of industrial processes at critical infrastructure facilities in order to protect human life,” the Treasury said in the statement.
“This is … the first time an [Industrial Control Systems] cyberattack has ever been sanctioned,” Rob Lee, CEO and co-founder of industrial cybersecurity platform provider Dragos, told Fox News.
“This is entirely appropriate as this cyberattack was the first ever targeted explicitly towards human life. We are fortunate no one died and I’m glad to see governments take a strong stance condemning such attacks,” Lee added.
Prior to the Treasury issuing the statement, the FBI and Cybersecurity and Infrastructure Security Agency issued an advisory on a Russian state-sponsored threat, saying that the entity “has conducted a campaign against a wide variety of U.S. targets.”
The FBI and CISA (part of the Department of Homeland Security) said they observed the Russian state-sponsored actor targeting U.S. state, local, territorial and tribal (SLTT) government networks, as well as aviation networks.
CISA said the “threat actor” successfully compromised network infrastructure and “exfiltrated,” aka stole, data from at least two victim servers.
These network vulnerabilities targeted “are a boon for … state-sponsored threat actors,” Satnam Narang, staff research engineer at Tenable, told Fox News.
Russia has also been ramping up malicious cyber operations targeting the U.S. presidential election.
John Ratcliffe, the director of National Intelligence, issued a statement last week that Russia – along with Iran – had obtained voter registration information.
“This data can be used by foreign actors to attempt to communicate false information to registered voters that they hope will cause confusion, sow chaos, and undermine your confidence in American democracy,” Ratcliffe said.
The meddling is not expected to stop any time soon, experts say. “We can be sure that Russia will continue these nefarious tactics post-election, as expected reporting delays will provide the perfect opportunity for these operatives to spread false narratives on, for example, the legitimacy of the results in order to sow confusion and possible unrest among Americans,” Theresa Payton, former White House chief information officer who served under President George W. Bush from 2006-2008 and CEO of Fortalice Solutions, told Fox News.
“The Russian state is among the most successful operators of disinformation campaigns,” according to a report this week from cybersecurity firm Digital Shadows. “Russia’s attempts at broader political influence overseas have been facilitated by its use of state-owned traditional media, bots, ‘hack and leak’ operations, and cooperation between organized crime groups and Russian government agencies,” the report said.