In the wake of fears of infection with malicious software from the “Energetic Bear” hacking group, the US government has asked critical infrastructure operators to review their computer networks. The group is believed to be tied to the Russian government.
The request was issued by the Department of Homeland Security’s Industrial Control Systems Cyber Emergency Response Team, or ICS-CERT, after researchers with F-Secure of Finland and Symantec Corp of the United States reported that they believed Energetic Bear was behind a campaign to infect energy and industrial firms around the world with malicious software known as the Havex Trojan.
The government has advised critical infrastructure operators to tighten security and provided them with a list of specific steps to better protect their systems. It also asked them to check whether their systems had been infected.
ICS-CERT had issued another notice on Havex last week, which said that the agency and F-Secure had learned that the malicious software was designed to send a map of the network infrastructure back to the hackers’ command-and-control server.
The security agencies, however, refused to identify the companies whose systems were infected, though they said they were in the energy and industrial sectors.
F-Secure and Symantec said they believed the malicious software had so far only been used for spying, but that it had the capability to be used for sabotage.
The Energetic Bear gang was first identified in January by researchers with cybersecurity firm CrowdStrike, which said the group was linked to the Russian government and was focused on espionage.
The researchers estimate that around 1,018 organizations across 84 different countries had been hit by the operation, though not all countries were known and some infections might be accidental. Geographically, the most activity was in Spain, followed by the United States, then France, Italy and Germany.