Russian Cyberattack Group Sandworm Linked to Bold Attacks on Critical US Infrastructure, Water Utilities

Hackers reportedly gained access to critical infrastructure controls.

Recent incidents show escalating attacks on important US infrastructure by Russia's military intelligence organization known as Sandworm, according to a report.

Over the previous decade, Sandworm has caused blackouts in Ukraine and released damaging code. Today, cybersecurity experts say that Sandworm-affiliated hackers have launched a series of daring cyberattacks on critical infrastructure, per Wired. Their targets include a French hydroelectric plant and US and Polish water utilities. According to reports, they flipped switches and changed software settings to damage critical infrastructure in these countries.

Since January, the Cyber Army of Russia, also known as the Cyber Army of Russia Reborn, has claimed credit for various assaults against US and European water and hydroelectric facilities. Hackers have demonstrated via Telegram videos how to manipulate human-machine interfaces, which control network equipment. A Texas water utility, a Polish wastewater treatment plant, and a French hydropower project are targets.

Mandiant found a link between Sandworm and the Cyber Army of Russia, suggesting Sandworm helped create the Cyber Army of Russia. The Russian Cyber Army disclosed data they had stolen from Sandworm's attacks, suggesting coordination between the two groups.

Sophisticated Attacks Raise Concerns

Mandiant's threat intelligence chief, John Hultquist, says the Cyber Army of Russia has outdone Sandworm in directly attacking US networks with disruptive cyberattacks. While Sandworm has mostly prepared, the Russian Cyber Army has aggressively corrupted operational technology systems, threatening key infrastructure.

The Russian Cyber Army's aggressive strikes have raised worries about widespread disruption and harm. The group's videos show chaotic control system manipulation, raising concerns about their skills and goals. They may comprehend the targeted systems, but experts warn that their lack of discipline might have unforeseen repercussions.

Mandiant's findings suggest that state-sponsored organizations like Sandworm are changing their cyberattack techniques, while spinoffs like the Cyber Army of Russia are becoming more audacious.

Secretary Granholm Announces Nuclear Energy Scientific Breakthrough
Guests await the beginning of a news conference with U.S. Energy Secretary Jennifer Granholm at the Department of Energy headquarters to announce a breakthrough in fusion research on December 13, 2022 in Washington, DC. Chip Somodevilla/Getty Images

Serious Damage on US Agencies, Officials

TechTimes previously reported recent findings on Russia-connected attacks on the US. This month, a CISA report noted that Russian-backed hackers, known as "Midnight Blizzard," attacked US federal agencies' emails using Microsoft accounts.

In January, Microsoft disclosed the incident, in which federal government emails were compromised through illegal access to Microsoft corporate email accounts. CISA blames the Russian Foreign Intelligence Service (SVR) for the assault, emphasizing its danger to impacted agencies.

After Russian hackers increased their incursion, CISA issued an emergency directive on April 2, mandating that civilian government agencies safeguard their email accounts. CISA did not identify the US government agencies affected by the email theft, but its quick response is intended to reduce damage.

Early this month, The Insider, Der Spiegel, and CBS's 60 Minutes found a link between the "Havana Syndrome," which affects US diplomats, and a Russian monitoring unit.

The investigative work suggests Russia's involvement in sonic warfare, despite Moscow's denials. The US authorities first thought foreign cooperation implausible as their inquiry into "anomalous health incidents" (AHIs) last year failed to find an alternative explanation.

The report suggests Havana Syndrome may have originated two years sooner in Germany than in Havana, where the first case was recorded in 2016. It noted an incident "where a US government employee stationed at the consulate there was rendered unconscious by what appeared to be a powerful energy beam."

The Pentagon disclosed that a top Defense Department official had Havana Syndrome symptoms at last year's NATO conference in Lithuania. Other White House, CIA, and FBI personnel experienced dizziness, headaches, concentration issues, and a disconcerting sound in their ears.

With over 1,000 reports, hundreds more occurrences remain unexplained. Recent NIH research found that MRI scans failed to detect brain injuries in many workers reporting AHIs, despite US officials' efforts to help victims.

ⓒ 2024 TECHTIMES.com All rights reserved. Do not reproduce without permission.