OAKLAND, Calif. - Late Wednesday, multiple federal agencies issued a warning to corporate executives and their computer security departments. It says that an unnamed attacker has released malicious, invasive computer programs capable of gaining "full system access" to multiple industrial control systems, especially utility systems. Other experts say Russia is the source.
The evidence gathered suggests Russia's cyberwar tools are designed to target energy firms in North America. 85% of all American critical infrastructure is in the hands of private companies such as Pacific Gas and Electric, Chevron, Wells Fargo, Intel, Sutter Health and others.
CrowdStrike, a major cybersecurity technology company providing security, threat intelligence, and cyberattack response services, says this about Russian government cyber warriors and cybercriminal gangs working on Putin's behalf: "From our perspective and research, they're certainly some of the best," said CrowdStrike Chief Technology Officer Michael Sentonas. That's based on CrowdStrike's evaluation of Russian hacker effectiveness, how fast they can hack into secure sites and their so-called tradecraft in high-stakes, high-security break-ins and system takeovers.
"When we talk about cyberwar, we actually have to think about the average organization, large and small, privatized critical infrastructure. They all are potentially at risk here. I certainly expect that we'll see activity sometime. Just because we haven't seen a widespread cyber attack, which is interesting in and of itself, it doesn't mean that people haven't already been exposed," said Sentonas.
In other words, many systems may have already been implanted, but the attack has not yet been triggered. "People need to take this time to make sure that they're prepared, that they can defend themselves," said Sentonas.
The attacks would come in the form of "denial of service": so much incoming traffic is thrown at a utility, bank, online marketer or healthcare provider that customer or supplier access becomes impossible. Another, far more punitive assault is the so-called "wiper" attack, which transmits malicious software into a target's system that literally destroys its computers.
"There will be impacts. That's for sure. But, we need to make sure that we can recover as quickly as possible," said Sentonas. But the U.S. and NATO have similar counterstrike capabilities. "Certainly a question for the Government. But, it is reasonable to expect that the U.S. Government and other governments have the capability. We need to. Every government has been building that capability. And the whole idea behind it is that the system that you attack is simply rendered inoperable," said Sentonas.
So, with this new federal warning, we may indeed be on the verge of cyberwar where there will be serious casualties on both sides.