The US Department of Homeland Security (DHS) and the FBI are warning that Russian state-sponsored cyber-attackers are targeting critical infrastructure – and have been for quite some time.

The two agencies issued a joint alert saying that Russian government cyber-actors are actively targeting organizations in the US energy, nuclear, commercial facilities, water, aviation, government and critical manufacturing sectors. They characterized the activity as a “multi-stage intrusion campaign,” where the hackers first targeted peripheral organizations such as trusted third-party suppliers with less secure networks, before pivoting and gaining remote access into energy-sector networks. From there, they conducted network reconnaissance and launched spear-phishing and watering-hole efforts to move laterally and collect information pertaining to industrial control systems (ICS) across industries.

In all of this, the ultimate goal extends beyond espionage to include gaining access to the human-machine interfaces and other control platforms used to administrate critical infrastructure.

“Yesterday's DHS/FBI alert validates what the ICS community has known for months: Russian cyber-attackers have both the intent and the ability to successfully compromise our critical infrastructure networks, including in our nuclear facilities,” said Phil Neray, vice president of industrial cybersecurity at CyberX, via email. “It's easy to see how Russia could leverage these dangerous footholds to test our red lines and threaten us with sabotage in the event of escalating hostilities, such as new Russian incursions on former Soviet territories.”


The role of IT in defending against cyber-attacks is more difficult than ever. It becomes even more challenging when IT departments are forced to tackle the lack of willingness by employees to take precautionary steps against attacks, according to the latest results from the A10 Networks Application Intelligence Report (AIR).

Based on research involving more than 2,000 business and IT professionals at companies from various industries around the world, A10 AIR addresses the challenges IT decision makers face with the rise and complexity of cyberattacks, and the sometimes careless attitudes of employees who unwittingly introduce new threats into their businesses.

Employees Unknowingly Introducing Cyberthreats to Their Companies

The report revealed that employees often unknowingly weaken cybersecurity with the use of unsanctioned apps: one out of three (37 percent) of employees surveyed say they aren’t familiar with what a DDoS attack is, or even aware of how they could unknowingly become victimized.

This data is even more disturbing when almost half (48 percent) of IT leaders say they agree that their employees do not care about following security practices, according to the survey findings. It’s hard to protect someone who isn’t familiar with the warning signs associated with attacks – or willing to learn about them.

Combined with an often poor understanding of corporate security policies, this behavior increases the risks that come with a growing reliance on disparate and app-dependent workforces, especially when one third (30 percent) of employees surveyed knowingly use apps their companies forbid.

Of those who use non-sanctioned apps, more than half (51 percent) claim “everybody does it,” while one third (36 percent) say they believe their IT department doesn’t have the right to tell them what apps they can’t use.

Why use unsanctioned apps in the first place? One third (33 percent) of all respondents claim IT doesn’t give them the apps needed to get the job done.

But Who’s Responsible for App Security?

For employees who want to check sports scores or listen to streaming music at work, poorly designed apps with weak security could provide the backdoor for attackers to gain entry into the employee’s corporate network.


Online platforms should take down "terrorist content" within an hour of it being reported, the EU said Thursday in new recommendations to internet companies to stem the flow of harmful content on the web.

Brussels is looking for ways to combat online extremism amid growing alarm about the use of sites like YouTube, Facebook and Twitter as forums to radicalize and recruit, especially by the Islamic State group.

The European Commission, the bloc's executive arm, has already signed up a group of US internet giants to a plan to combat web extremism but warned it would consider legislation if the voluntary approach did not work.

"While several platforms have been removing more illegal content than ever before -- showing that self-regulation can work -- we still need to react faster against terrorist propaganda and other illegal content," the commission's vice-president for the Digital Single Market Andrus Ansip said.

This content remains "a serious threat to our citizens' security, safety and fundamental rights," added Ansip, a former Estonian prime minister.

Voluntary industry efforts have achieved results, the commission said, but there is still "significant scope for more effective action, particularly on the most urgent issue of terrorist content, which presents serious security risks".

The commission said "terrorist content" should be taken down within one hour of being reported by the authorities, such as police, and internet companies should do more to monitor and remove material themselves.

The new recommendations also include steps to crack down on other harmful illegal content such as hate speech and images of child sexual abuse.

Last month the commission said IT firms removed 70 percent of illegal content notified to them in the preceding few months.

This was compared to 59 percent before May 2017, and 28 percent in the months after the code of conduct was launched in 2016.



A black metal mechanical device resembling a typewriter sits in a wooden box. It could be just an oddity in an antique store. It's the black elliptical logo engraved in the wood that sets it apart. 

"Enigma," it reads.

That marks it as a Nazi cipher machine, used in World War II to encrypt messages sent over radio waves by the German military. It was then cutting-edge, creating one of the world's strongest encryption keys. That gave Germany's lethal U-boats the power to communicate with each other about attacks on merchant ships, which devastated the UK throughout the war, taking thousands of lives and cutting off vital supplies and troops en route from North America. 

The power of this machine prompted the Allied forces to launch an effort that used machines, mathematicians sworn to secrecy and some Naval derring-do to crack the code and read Germany's messages.

It isn't even a computer. As Enigma expert Mark Baldwin demonstrated on Wednesday to a crowd of employees at CBS Interactive, CNET's parent company, "it just changes one letter into another."

If you press one key on the stripped-down keyboard, a different letter lights up in the lamp board, an array of light-up letters arranged just above the keyboard. Users would type their messages into the machine and write down each replacement letter as it lit up. Then they would tap out the encrypted message in Morse code over the radio, sure in the knowledge that only someone with their own Enigma machine with the same exact settings could decipher it.
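The letter-for-letter substitution and the "same exact settings" requirement described above, as an added Python example that is not part of the original article. It uses the historical Enigma I rotor wirings and reflector B, which the article does not list; the class and method names are hypothetical, and ring settings and the plugboard are left out as a simplifying assumption.

```python
import string

A = string.ascii_uppercase
# Historical Enigma I wirings (rotors I, II, III, reflector B) paired with each
# rotor's turnover letter. These values are not given in the article.
ROTORS = {
    "I":   ("EKMFLGDQVZNTOWYHXUSPAIBRCJ", "Q"),
    "II":  ("AJDKSIRUXBLHWTMCQGZNPYFVOE", "E"),
    "III": ("BDFHJLCPRTXVZNYEIWGAKMUSQO", "V"),
}
REFLECTOR_B = "YRUHQSLDPXNGOKMIEBFZCWVJAT"


class Enigma:
    """Three-rotor machine; ring settings and plugboard omitted (assumption)."""

    def __init__(self, order=("I", "II", "III"), start="AAA"):
        # order (left to right) and start positions are the shared "settings".
        self.wiring = [ROTORS[name][0] for name in order]
        self.notch = [A.index(ROTORS[name][1]) for name in order]
        self.pos = [A.index(c) for c in start]

    def _step(self):
        # Rotors advance before each letter is enciphered.
        if self.pos[1] == self.notch[1]:        # middle at notch: double-step
            self.pos[0] = (self.pos[0] + 1) % 26
            self.pos[1] = (self.pos[1] + 1) % 26
        elif self.pos[2] == self.notch[2]:      # right at notch: carry to middle
            self.pos[1] = (self.pos[1] + 1) % 26
        self.pos[2] = (self.pos[2] + 1) % 26

    def press(self, letter):
        """One key press: returns the letter that lights up on the lamp board."""
        self._step()
        c = A.index(letter)
        for i in (2, 1, 0):                     # right to left through the rotors
            c = (A.index(self.wiring[i][(c + self.pos[i]) % 26]) - self.pos[i]) % 26
        c = A.index(REFLECTOR_B[c])             # reflector sends the signal back
        for i in (0, 1, 2):                     # left to right, wiring inverted
            c = (self.wiring[i].index(A[(c + self.pos[i]) % 26]) - self.pos[i]) % 26
        return A[c]

    def type_message(self, text):
        return "".join(self.press(ch) for ch in text.upper() if ch in A)


if __name__ == "__main__":
    sent = Enigma(start="MCK").type_message("WEATHERREPORT")   # constructed sample
    print(sent, "->", Enigma(start="MCK").type_message(sent))  # same settings decipher
```

Because the signal passes through the reflector and back along the same rotor path, enciphering and deciphering are the same operation, which is why the receiving operator only needs an identically configured machine.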

Looking at the machine, it's hard to believe it confounded some of the world's best technical experts, who spent years at places like the UK's secret code-breaking compound at Bletchley Park working on ways to crack it.