Russian Hackers Increasingly Targeting Critical Infrastructure



Image courtesy of James Broad under Attribution-NonCommercial-ShareAlike 2.0 Generic Deed, resized to 700 x 391 pixels.

According to Amazon’s threat-intelligence group, Russian hackers have recently upped their efforts to breach systems that control U.S. critical infrastructure.  The researchers warned that these malicious actors are targeting so-called edge devices to gain access, including those within the energy sector.  And alarmingly, it was recently discovered that this has been happening since 2021!

How the Russian Hackers are Wreaking Havoc

Edge devices, including firewalls and network management portals, represent a growing risk for U.S. organizations.  Edge devices have well-known vulnerabilities, yet not much seems to have been done to plug the holes.

While the researchers found evidence that this tactic has been employed by Russian hackers since 2021, they detected a sustained increase in this activity in 2025.  It’s also a favorite tactic for Chinese hackers.  And, I mean, why not?  After all, targeting edge devices with known but unpatched flaws is low-hanging fruit.

Most troublesome, the researchers said that the energy sector is a prime target: “The targeting demonstrates sustained focus on the energy sector supply chain, including both direct operators and third-party service providers…”

Of course, this raises the question: What do utilities need to do to protect themselves?  According to the Amazon group, all edge devices should be inspected immediately for signs of malicious activity.  Obviously, if anything appears compromised, emergency steps should be taken to bring a quick resolution.

And of course, utilities – like any company, organization, or entity – must follow best practices when it comes to cybersecurity.

These include utilizing strong authentication methods (especially two-factor authentication), building isolation or choke points into networks to minimize spread, and monitoring and acting on any signs of unusual login attempts and traffic connecting to unknown internet sources.
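The monitoring advice above (watch for unusual login attempts and for traffic to unknown internet destinations) is the kind of thing a small log-triage script can do for an edge device's management portal. The following is an added example written for this post, not code from Amazon's threat-intelligence group or from any utility; the log lines are constructed, the line format is an assumed `key=value` layout, and the "known destinations" allowlist (the internal 10.0.0.0/8 range plus an assumed vendor update range 192.0.2.0/24) is an assumption a real deployment would replace with its own.

```python
import re
from collections import defaultdict, deque
from datetime import datetime, timedelta
from ipaddress import ip_address, ip_network

# Constructed sample log lines (not taken from the article). One stream mixing
# authentication events on an edge-device management portal ("auth") and
# outbound connection records from the firewall ("conn").
SAMPLE_LOGS = """\
2025-03-02T01:12:03Z auth user=admin src=203.0.113.10 result=FAIL
2025-03-02T01:12:05Z auth user=admin src=203.0.113.10 result=FAIL
2025-03-02T01:12:08Z auth user=admin src=203.0.113.10 result=FAIL
2025-03-02T01:12:11Z auth user=admin src=203.0.113.10 result=FAIL
2025-03-02T01:12:14Z auth user=admin src=203.0.113.10 result=FAIL
2025-03-02T01:12:20Z auth user=admin src=203.0.113.10 result=OK
2025-03-02T01:13:00Z conn src=10.0.5.21 dst=198.51.100.77 dport=443 bytes=8800
2025-03-02T08:30:00Z auth user=jdoe src=10.0.5.40 result=OK
2025-03-02T08:31:12Z conn src=10.0.5.40 dst=10.0.1.5 dport=443 bytes=1200
2025-03-02T08:45:00Z conn src=10.0.5.40 dst=192.0.2.30 dport=443 bytes=500
"""

# Assumed allowlist of destinations the site expects to talk to: internal
# address space plus a hypothetical vendor update range. Anything else is
# "traffic connecting to unknown internet sources" in the post's words.
KNOWN_NETS = ["10.0.0.0/8", "192.0.2.0/24"]

LINE_RE = re.compile(r"^(?P<ts>\S+) (?P<kind>auth|conn) (?P<rest>.*)$")


def parse_line(line):
    """Turn one 'timestamp kind k=v k=v ...' line into a dict, or None if malformed."""
    m = LINE_RE.match(line.strip())
    if not m:
        return None
    fields = dict(kv.split("=", 1) for kv in m.group("rest").split())
    fields["ts"] = datetime.strptime(m.group("ts"), "%Y-%m-%dT%H:%M:%SZ")
    fields["kind"] = m.group("kind")
    return fields


def detect_login_bursts(events, threshold=5, window=timedelta(seconds=60)):
    """Flag a source that accumulates `threshold` failed logins inside a sliding
    `window`, and separately flag a success from that source shortly after the
    burst, which is the case that most needs a human to look at it."""
    findings = []
    fails = defaultdict(deque)   # src -> timestamps of recent failures
    burst_at = {}                # src -> time the burst alert fired
    for ev in events:
        if ev["kind"] != "auth":
            continue
        src = ev["src"]
        if ev["result"] == "FAIL":
            q = fails[src]
            q.append(ev["ts"])
            while q and ev["ts"] - q[0] > window:   # expire old failures
                q.popleft()
            if len(q) >= threshold and src not in burst_at:
                burst_at[src] = ev["ts"]
                findings.append({"type": "login_burst", "src": src,
                                 "user": ev["user"], "count": len(q), "ts": ev["ts"]})
        elif ev["result"] == "OK" and src in burst_at \
                and ev["ts"] - burst_at[src] <= window:
            findings.append({"type": "success_after_burst", "src": src,
                             "user": ev["user"], "ts": ev["ts"]})
    return findings


def detect_unknown_destinations(events, known_nets=KNOWN_NETS):
    """Flag outbound connections whose destination is outside every known range."""
    nets = [ip_network(n) for n in known_nets]
    findings = []
    for ev in events:
        if ev["kind"] != "conn":
            continue
        if not any(ip_address(ev["dst"]) in n for n in nets):
            findings.append({"type": "unknown_destination", "src": ev["src"],
                             "dst": ev["dst"], "dport": int(ev["dport"]), "ts": ev["ts"]})
    return findings


def analyze(log_text, known_nets=KNOWN_NETS):
    """Run both detections over a block of log text and return the findings."""
    events = [e for e in (parse_line(l) for l in log_text.splitlines()) if e]
    return detect_login_bursts(events) + detect_unknown_destinations(events, known_nets)


if __name__ == "__main__":
    for f in analyze(SAMPLE_LOGS):
        print(f"{f['ts'].isoformat()} {f['type']}: "
              + ", ".join(f"{k}={v}" for k, v in f.items() if k not in ("ts", "type")))
```

On the constructed sample this reports three findings: a burst of five failed `admin` logins from 203.0.113.10, a successful login from the same source seconds later, and an outbound connection to 198.51.100.77, which is not in the allowlist. The thresholds and allowlist are the tunable parts; the point is that both of the post's monitoring recommendations reduce to checks a utility can run continuously rather than only after something looks wrong.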

We live in a world that is completely interconnected, and therefore the risk of utility cyberattacks has grown exponentially higher than it was just a few decades ago.  Whether it's Russian hackers or malicious groups from other places, utilities must have solid contingency plans and employ the expertise necessary to keep ahead of the growing number of energy sector cyber threats.
