US DoJ reveals Russian supply chain attack targeting energy sector

The United States Department of Justice has unsealed a pair of indictments that detail alleged Russian government hackers' efforts to use supply chain attacks and malware in an attempt to compromise and control critical infrastructure around the world – including at least one nuclear power plant. The documents detail two …

  1. Pascal Monett Silver badge

    "Of course the US itself has form"

    Yeah, and the NSA being abysmally stupid enough to get itself hacked means that said Russian hackers are probably gloating that they're using US tools against US targets.

    Well done, NSA, you have single-handedly upped the ante worldwide with your stupidity.

    1. El Bard

      Re: "Of course the US itself has form"

      And do not forget the US companies that make a living selling malware on the Free Market®:

      https://www.techdirt.com/2021/09/20/american-malware-purveyor-that-did-nothing-to-limit-misuse-now-horrified-to-find-govt-india-misused-products/

      American Malware Purveyor That Did Nothing To Limit Misuse Now Horrified To Find Gov't Of India Misused Its Products

      "More digging by Kaspersky and others discovered who was actually behind these deployments. And the source wasn’t some state-supported hackers or a malware purveyor with a malleable set of morals. No, the exploits — which were deployed to indiscriminately target people in Pakistan and China — were sold (in a way) to the government of India by an American firm, Exodus Intelligence."

      So it would not be strange at all if they were indeed using tools MadeInUSA™.

  2. Version 1.0 Silver badge

    See "Cure IT"

    A pair of wire cutters and a few tubes of epoxy resin would allow all these targets to be virtually completely secured.

    1. hayzoos

      Re: See "Cure IT"

      Good idea, but not as simple as it once was. These critical systems have been "plugged in" to the Internet for so long now that the supporting infrastructure has become reliant upon a remote connection.

      Where there may have once been a local control room in an industrial building where a local operator could monitor the plant, there is now a wiring closet where all the terminations are extended to remote connections. The space where the control room had been was converted to production.

      I'm not even sure whether the systems would fail safe if the connections are cut. The practice of hiring the bright young newly minted (cheaper) developers and pushing seasoned programmers out to pasture before their time (cost cutting) has resulted in subpar systems for critical infrastructure.

      My experience (many years ago) with systems like these was more often with access control and security alarms but a smattering of ICS and SCADA. None of what I saw could be safely connected beyond the local space under control (i.e. not even connected to the company data network) let alone connected outside the company space.

      Getting back to where we were or should have been is not going to be a simple task. We should start right away ten years ago at least.

      The longer we allow it to go on the worse it will get. Might as well provide a remote connection straight to our adversaries.

  3. martinusher Silver badge

    Obviously not very good at it

    We hear a great deal about attempts by Russian/Chinese/North Korean hackers to infiltrate networks and so on. All good cloak 'n dagger stuff.

    Then along comes a bunch of British teenagers -- "Lapsus$" -- and actually achieves something. This crew seem to have been relatively disorganized but despite this were quite successful (one of their members, a 16-year-old from Oxford, seems to have acquired 300 Bitcoin for his efforts).

  4. Kev99 Silver badge

    The penny pinching idiots will never learn the internet is a bloody sieve, a bunch of holes held together with string, a bunch of holes held together with vapor, a house with open doors and windows.

  5. JassMan Silver badge

    Beware the FSB

    All's fair in love and … the other thing. ®

    Any phrase other than "special military operation" is now outlawed by Putin Khuylo, and will result in 13 years chatting with Alexei Navalny.

  6. Binraider Silver badge

    Cough, Stuxnet. Which probably achieved its original goal; however, by targeting Siemens PLCs, a whole bunch of other targets were also compromised.

  7. Anonymous Coward

    Beware the hypocrisy

    But when the USA's and Israel's "no such agencies" and private "security" companies alike are doing stuff like this then it is OK, because they are the "good guys", right?


Biting the hand that feeds IT © 1998–2022