Advertisements
Want create site? Find Free WordPress Themes and plugins.

Russian hackers don’t just go after emails. 
A report released Thursday afternoon by the United States Computer Emergency Readiness Team (US-CERT) details an alleged years-long Russian effort to infiltrate and control critical infrastructure across the U.S. And in many cases they appear to have succeeded. 

“Since at least March 2016, Russian government cyber actors—hereafter referred to as ‘threat actors’—targeted government entities and multiple U.S. critical infrastructure sectors, including the energy, nuclear, commercial facilities, water, aviation, and critical manufacturing sectors,” reads the warning. It was based on analysis from the Department of Homeland Security (DHS) and the FBI.
The report notes that a variety of methods were used by the hackers to work their way into computer systems across the country, including but not limited to “spear-phishing emails (from compromised legitimate account),” “watering-hole domains,” and “open-source and network reconnaissance.”
The hackers are said to have straight up gotten access to workstations “that contained data output from control systems within energy generation facilities.”

A reconstructed screenshot of what the Russian hackers saw on an industrial control system.Image: United States Computer Emergency Readiness TeamBasically, if they had wanted to, the hackers likely could have wreaked some serious havoc — like turning things off. 
In addition to dropping this news, US-CERT also released a detailed list of best practices that businesses in critical industries should follow. On top of things like training people how to use email better (really), the team recommended mandating two-factor authentication for employees and establishing rules for complex passwords. 
Those are both good ideas, if not rather basic.  
One of the recommended best practices in particular, however, suggested that the situation was really bad. “Based on the suspected level of compromise, reset all user, administrator, and service account credentials across all local and domain systems.”
Basically, change all of your passwords on everything. Yeah, not a good look. 

Did you find apk for android? You can find new Free Android Games and apps.
Advertisements
Tags:

©2018 Cyberian.pk

 
or

Log in with your credentials

or    

Forgot your details?

or

Create Account