The Biden administration is warning that hackers are attempting to access and disrupt industrial control systems, using custom-built malicious software to target organizations in the energy sector.
A bulletin released Wednesday by the Federal Bureau of Investigation, the National Security Agency, the Department of Homeland Security and the Energy Department said so-called advanced persistent threat actors, a phrase often used to describe state-backed hackers, are able to breach industrial networks and then exploit weaknesses in devices that control those facilities. The government specifically warned about devices made by companies such as Omron Corp. and Schneider Electric, a major manufacturer of industrial control equipment, including electric utilities.
Robert Lee, the CEO of cybersecurity firm Dragos Inc., said on Twitter the hackers’ malware is “highly capable” and worth monitoring because of a destructive capabilities. Dragos has “high confidence” that a state actor developed the malware “with the intent on deploying it to disrupt key infrastructure sites,” Lee said.
The bulletin encouraged firms with industrial control systems to isolate their corporate computer networks and use strong passwords, among other recommendations.
The government has recently warned of increased threats from Russia amid the war in Ukraine, although the bulletin didn’t identify any country it believes to be responsible in this case.