As part of our expert comments series, Phil Neray comments below on reports from a cyber research forum in Washington DC (Wired, NY Post) that the Russian “Energetic Bear” hacking group is still actively probing U.S. power grid critical infrastructure.

Phil Neray, VP of Industrial Cybersecurity at CyberX:

“Adversaries don’t usually install footholds in enemy territory unless they plan to eventually launch an attack. Energetic Bear has been active in our critical infrastructure since at least 2014, when they injected Havex malware into software downloads from industrial automation vendors, giving them direct access to industrial control systems in a range of industries from energy to chemicals to pharmaceuticals. Infecting software downloads is also the same technique that Russian threat actors used to spread NotPetya, which caused billions of dollars in damage to industrial firms worldwide — so it’s clear they aren’t afraid of causing massive chaos when they decide it’s time to make it happen.”
