According to an FBI memo obtained by CBS News and CNN Tuesday, hackers “believed to be associated with cyber actors who previously conducted destructive cyber activity against foreign critical infrastructure” have been scanning the networks of five US energy companies in a possible prelude to hacking attempts. The memo stated, “This scanning activity has increased since the start of the Russia/Ukraine conflict, leading to a greater possibility of future intrusions.”
CBS news reported today, the FBI has identified 140 overlapping IP addresses linked to “abnormal scanning” activity of at least five U.S. energy companies, as well as at least 18 other U.S. companies spanning the defense industrial base, financial services, and information technology.
“US Energy Sector entities are advised to examine current network traffic for these IP addresses and conduct follow-on investigations if observed,” the alert reads.
According to the FBI, IP addresses identified by law enforcement began scanning U.S. critical infrastructure as early as March 2021.