An official with the Department of Homeland Security recently told House lawmakers that a Russian campaign is currently underway with the aim of compromising the process controls of government and private organizations belonging to critical U.S. industries.
Jeanette Manfra, assistant secretary for cybersecurity and communication at the DHS National Protection and Programs Directorate, spoke during a joint hearing between the House Subcommittee on Cybersecurity and Infrastructure Protection and the Subcommittee on Emerging Threats and Capabilities. She said Russian attackers have been attempting to penetrate the industrial control systems of select U.S. business and government entities since at least 2015.
Though Manfra did not specify which entities have been targeted, she did indicate that they belonged to the aviation, energy, manufacturing, nuclear and water sectors. Manfra explained that the Russian campaign was detected through a collaborative effort involving the DHS, the FBI and various international partners. She went on to describe incident response efforts that the DHS and FBI have carried out to mitigate the effects of the Russian intrusion.
Nevertheless, Manfra emphasized Homeland Security’s position that the attack is still in progress, and that “threat actors are actively pursuing their ultimate long-term campaign objectives.”