Hackers since May have targeted U.S. government entities along with the energy, water, aviation, nuclear, and critical manufacturing sectors, according to a U.S. Department of Homeland Security warning issued Friday and updated on Saturday.
On the one hand, some cybersecurity professionals say the report rehashes many earlier warnings from the IT security sector. But on the other hand, the DHS memo could represent an important warning to any infrastructure-centric organization -- and their partner ecosystems.
According to DHS:
"This campaign comprises two distinct categories of victims: staging and intended targets. The initial victims are peripheral organizations such as trusted third party suppliers with less secure networks. The initial victims are referred to as “staging targets” throughout this alert. The threat actor uses the staging targets’ networks as pivot points and malware repositories when targeting their final intended victims. The ultimate objective of the cyber threat actors is to compromise organizational networks, which are referred throughout this alert as “intended target.”
ChannelE2E has reached out to MSSPs focused on infrastructure cybersecurity, particularly cybersecurity specialists that safeguard the power grid. We'll update this coverage with comments as they surface.