Russian hackers breached U.S. power plants

  Time: 2025-04-27 07:28:40 Author: Admin Editor: Admin

Russian hackers don't just go after emails.

A report released Thursday afternoon by the United States Computer Emergency Readiness Team (US-CERT) details an alleged years-long Russian effort to infiltrate and control critical infrastructure across the U.S. And in many cases they appear to have succeeded.


"Since at least March 2016, Russian government cyber actors—hereafter referred to as 'threat actors'—targeted government entities and multiple U.S. critical infrastructure sectors, including the energy, nuclear, commercial facilities, water, aviation, and critical manufacturing sectors," reads the warning. It was based on analysis from the Department of Homeland Security (DHS) and the FBI.

The report notes that a variety of methods were used by the hackers to work their way into computer systems across the country, including but not limited to "spear-phishing emails (from compromised legitimate account)," "watering-hole domains," and "open-source and network reconnaissance."

The hackers are said to have straight up gotten access to workstations "that contained data output from control systems within energy generation facilities."

Image: A reconstructed screenshot of what the Russian hackers saw on an industrial control system. Credit: United States Computer Emergency Readiness Team

Basically, if they had wanted to, the hackers likely could have wreaked some serious havoc — like turning things off.

In addition to dropping this news, US-CERT also released a detailed list of best practices that businesses in critical industries should follow. On top of things like training people how to use email better (really), the team recommended mandating two-factor authentication for employees and establishing rules for complex passwords.

Those are both good ideas, if not rather basic.

One of the recommended best practices in particular, however, suggested that the situation was really bad. "Based on the suspected level of compromise, reset all user, administrator, and service account credentials across all local and domain systems."

Basically, change all of your passwords on everything. Yeah, not a good look.

