Warning issued about advanced persistent threats targeting critical infrastructure
- Published: Tuesday, 24 October 2017 12:33
US-CERT has published alert TA17-293A: ‘Advanced Persistent Threat Activity Targeting Energy and Other Critical Infrastructure Sectors’. This alert is the result of analytic efforts between the US Department of Homeland Security (DHS) and the Federal Bureau of Investigation (FBI). It provides information on advanced persistent threat (APT) actions targeting government entities and organizations in the energy, nuclear, water, aviation, and critical manufacturing sectors.
Working with US and international partners, DHS and FBI identified victims in these sectors. This report contains indicators of compromise and technical details on the tactics, techniques, and procedures (TTPs) used by APT actors on compromised victims’ networks.
DHS assesses this activity as a multi-stage intrusion campaign by threat actors targeting low security and small networks to gain access and move laterally to networks of major, high value asset owners within the energy sector. DHS has confidence that this campaign is still ongoing.