• COVID-19
  • About Us
  • Contact Us
  • Events
  • Industries
  • Partners
  • Products & Services
  • Contribute
  • Webinars

Aerospace

  • Québec’s CloudOps Will Build Telesat LightSpeed’s Cloud Network
  • Myriota and Goanna Ag Team Up on IoT Agriculture Solutions
  • Fleet Picks Swissto12 to Deliver Additively Manufactured All-Metal Patch Antennas

Chemical

  • POWER magazine and Chemical Engineering magazine announce Eastman Chemical as the Host Chemical Process Industries (CPI) Sponsor for the 5th annual Connected Plant Conference
  • Evonik deepens partnership with IBM to accelerate AI implementation
  • Achieving Plant Efficiency – the Digital Way

Cybersecurity

  • House Passes Eight Bipartisan Cyber, Homeland Security Bills
  • Biden Administration Targets Electric Utilities For Cybersecurity Protections
  • White House Attributes SolarWinds Hack To Russian Agency

Healthcare

  • CISA Services In High Demand Related To COVID Vaccine Response
  • AI tool detects COVID-19 by listening to patients’ coughs
  • Printing Wearable Sensors Directly onto Skin

Oil & Gas

  • Globalstar Wins Asset Tracking Order from Brazilian Oil and Gas Company
  • Cybersecurity: Continuous Vigilance Required
  • Repsol and Microsoft renew partnership developing AI-powered digital solutions

Power

  • POWER magazine and Chemical Engineering magazine announce Eastman Chemical as the Host Chemical Process Industries (CPI) Sponsor for the 5th annual Connected Plant Conference
  • Self-Tuning Artificial Intelligence Improves Plant Efficiency and Flexibility
  • How to Put the Power Grid to Work to Prevent Wildfires

Transportation

  • Swarm CEO Sara Spangelo Sets Disruptive Pricing on New Satellite IoT Service
  • Trump Issues Cyber Security Plan For Maritime Transportation System
  • Sabic Launches New Compounds for Automotive Radar Sensors

Webinars

  • Anticipating the Unknowns: Accelerating Incident Response Without Losing Control
  • Industrial Endpoint Protection in Operational Technology
  • Known and Unknown: Putting a Stop to OT and IT Threats Before they Act

Sign up today for our free weekly e-letter

sign up
CONNECTING INNOVATIONS
WITH INSIGHT
SIGN UP
LOG IN
  • Aerospace
    Québec's CloudOps Will Build Telesat LightSpeed's Cloud Network
    Read story View all articles
  • Chemical
    POWER magazine and Chemical Engineering magazine announce Eastman Chemical as the Host Chemical Process Industries (CPI) Sponsor for the 5th annual Connected Plant Conference
    Read story View all articles
  • Cybersecurity
    House Passes Eight Bipartisan Cyber, Homeland Security Bills
    Read story View all articles
  • Healthcare
    CISA Services In High Demand Related To COVID Vaccine Response
    Read story View all articles
  • Oil & Gas
    Globalstar Wins Asset Tracking Order from Brazilian Oil and Gas Company
    Read story View all articles
  • Power
    POWER magazine and Chemical Engineering magazine announce Eastman Chemical as the Host Chemical Process Industries (CPI) Sponsor for the 5th annual Connected Plant Conference
    Read story View all articles
  • Transportation
    Swarm CEO Sara Spangelo Sets Disruptive Pricing on New Satellite IoT Service
    Read story View all articles
Cybersecurity
January 12 2021 8:55 pm

State-Backed Hacker Group Sought Information For Espionage, FireEye Official Says

C

Cal Biesecker

The recently disclosed cyber intrusion of government and private sector networks by a state-backed hacking group was motivated by espionage and the types of stolen information indicates it was to benefit "multiple government priorities," an official with the cyber security firm FireEye [FEYE] said on Tuesday.

FireEye, which in December first reported the breach of its own networks and others, has seen UNC2452 target internal documents, intellectual property and emails, but they aren't "grabbing all information" on the networks it has infiltrated, Benjamin Read, director of Threat Intelligent Analysis for the company's Mandiant division, said during a webinar the company hosted.

The information stolen so far has "low monetary value" and FireEye isn't seeing signs of "destructive or disruptive goals" from the group or the theft of personally identifiable information or financial data, he said.

Read didn't elaborate on the specific types of information that was stolen, although he did mention research and development.

The primary targets of the hack are in North America with a "heavy focus on government," also non-government organizations, "some higher education" entities, and technology companies, he said. There has been "A little bit of activity in Europe," he also said.

"Targets that are value for geopolitical reasons," Read said, noting it the information can be used to help with "decision-making." He added that "How the U.S. government works is of interest to lots of governments."

William Evanina, director of counter intelligence for the U.S. intelligence community, also on Tuesday said that espionage was the primary goal of the cyber intrusion.

"I won't get in front of the government's assessment of this right now but from my perspective in counter-intelligence space I see this as an intelligence gathering operation," Evanina said during a live event hosted by the Washington Post.

FireEye also isn't ready to attribute the origin of UNC2452, which the U.S. government security agencies believe is tied to Russia, Read said.

The advanced persistent threat actor is "highly skilled, likely state-backed" but FireEye doesn't have "sufficient evidence to support naming the specific sponsor," Read said. The U.S. government's attribution is "certainly plausible from what we've seen," he said, pointing to the "sophistication" and "stealth" used by the hacking group being used by Russian groups in the past.

"And we don't have anything pointing to a different country besides Russia," Read said. "Based on the evidence we have, we don't have evidence to say, ‘Yes, this is Russia.'"

Evanina said he believes Russia is behind the hacking, noting that official attribution "is a policy matter."

The FBI, Department of Homeland Security, Office of the Director of National Intelligence and National Security Agency last week said fewer than 10 U.S. government agencies have been compromised by the cyber hack, but Evanina said he expects this number to grow.

The hackers used software products created by the network management company SolarWinds [SWI] to gain entry through patches, or upgrades, to their products that are already installed on computer systems operated by thousands of customers. The breach was conducted using threat malware that hadn't been used before.

Asked by Washington Post reporter Ellen Nakashima if the latest breach was a wake-up call for the government and private sector and what needs to be done to protect the security of the information and communications technology supply chain, Evanina replied, "we've had too many wake-up calls."

Supply chain protection is the "second pillar" of the nation's counter-intelligence strategy and what is needed is the "right mechanism" for public and private partnerships that is better than the current arrangement, Evanina said.

The government needs to be able to "utilize private sector talent, capability and know-how to protect our nation and our entire society," Evanina said. This means providing authorities "to allow the private sector to partner more effectively," he said.

The key government agencies–the FBI, Department of Homeland Security and National Security Agency–involved in helping protect the U.S. from cyber threats internally and externally have to work better together as well, Evanina said.

"I think we have to get to a sound solution how we make that all one in the future," he said.

Evanina also said that a supply chain risk mitigation program needs to be built around zero-trust in the products and services any organization uses, as well as basic hygiene such as paying attention to spearphishing attempts and installing patches routinely.

Sign up today for our free weekly e-letter

sign up

Aerospace

Chemical

Cybersecurity

Healthcare

Oil & Gas

Power

Quiz

Transportation

Webinars

About Us

IIoT Connection delivers the latest news, trends, insights, events and research surrounding the dynamic and disruptive Industrial Internet of Things (IIoT) marketplace. Brought to you by the publisher of must-read publications Defense Daily, OR Manager, POWER and Chemical Engineering, as well as the conference producers of SATELLITE, Global Connected Aircraft Summit, Connected Plant Conference and ELECTRIC POWER, IIoT Connection is committed to providing the most comprehensive compilation of products and services dedicated to the Industrial Internet of Things. Key verticals with associated products and services include: aerospace, chemical, cybersecurity, healthcare, oil & gas, power, and transportation.


Advertise

  • Privacy Policy
© 2021 Access Intelligence, LLC - All Rights Reserved.
  • × UPS Partners with Wingcopter to Develop, Certify Drone Delivery Fleet
    Read story View all articles
  • × How Industrial Managers Can Identify and Prevent Failures in Facilities
    Read story View all articles
  • × Federal Agencies Partner To Improve Cyber Security Cooperation In Energy Sector
    Read story View all articles
  • × New service lines can create opportunities for ORs
    Read story View all articles
  • × Equinor and Shell to collaborate on digital solutions
    Read story View all articles
  • × Dobroflot to Manage Fuel Savings With IOT Solution By Orange Business Services
    Read story View all articles
  • × The Future of 5G & IoT Technologies in the Transportation Industry
    Read story View all articles
  • ×
    Read story View all articles
  • ×
    Read story View all articles
  • ×
    Read story View all articles
  • ×
    Read story View all articles
  • ×
    Read story View all articles
  • ×
    Read story View all articles
  • ×
    Read story View all articles
  • ×
    Read story View all articles
  • ×
    Read story View all articles
  • ×
    Read story View all articles