(Cyberwar.news) Hackers likely operating on behalf of the Russian government have managed to successfully penetrate critical U.S. industrial control networks that operate infrastructure like the electric power grid says James Clapper, the director of national intelligence.
As reported by the Washington Free Beacon, in little-noticed testimony in mid-September Clapper told lawmakers that Russia has also formed a cyber military command as well as a special hacker unit, in preparation for future cyber conflict.
Besides Russia, Clapper also singled out North Korea, China and Iran as principle nation states capable of conducting sophisticated cyber attacks and cyber-spying.
“Politically motivated cyber attacks are now a growing reality, and foreign actors are reconnoitering and developing access to U.S. critical infrastructure systems, which might be quickly exploited for disruption if an adversary’s intent became hostile,” Clapper said in prepared remarks for the House Permanent Select Committee on Intelligence.
In his Sept. 10 testimony, Clapper broke from previous public statements regarding cyber threats. In the past open testimony provided very limited mention of explicit links between nations and cyber attacks.
Clapper discussed how Russian cyber warfare specialists are developing the capacity to remotely access U.S. industrial control systems that are utilized to manage vital infrastructure.
“Unknown Russian actors successfully compromised the product supply chains of at least three [industrial control system] vendors so that customers downloaded malicious software designed to facilitate exploitation directly from the vendors’ websites along with legitimate software updates…” Clapper stated.
In October 2014 the WFB reported that Russian hackers had penetrated critical water and energy systems.
Chinese hackers have also reportedly gained access to sensitive U.S. infrastructure.
In May 2013 International Business Times reported that a sensitive U.S. Army Corps of Engineers database containing information and vulnerabilities of thousands of dams was penetrated by Chinese hackers.
The U.S. Army Corps of Engineers’ National Inventory of Dams database hacking led to concerns that “information gathered in the attack could help China carry out a cyber attack on the national electric power grid,” IBT reported.
In 2014 Hydrologist Xiafen “Sherry” Chen, a National Weather Service employee, has been indicted for allegedly downloading restricted government files by accessing the same database.