This is a very interesting story from ABC News:
A destructive “Trojan Horse” malware program has penetrated the software that runs much of the nation’s critical infrastructure and is poised to cause an economic catastrophe, according to the Department of Homeland Security.
National Security sources told ABC News there is evidence that the malware was inserted by hackers believed to be sponsored by the Russian government, and is a very serious threat.
The hacked software is used to control complex industrial operations like oil and gas pipelines, power transmission grids, water distribution and filtration systems, wind turbines and even some nuclear plants. Shutting down or damaging any of these vital public utilities could severely impact
DHS said in a bulletin that the hacking campaign has been ongoing since 2011, but no attempt has been made to activate the malware to “damage, modify, or otherwise disrupt” the industrial control process. So while U.S. officials recently became aware of the penetration, they don’t know where or when it may be unleashed.
DHS sources told ABC News they think this is no random attack and they fear that the Russians have torn a page from the old, Cold War playbook, and have placed the malware in key U.S. systems as a threat, and/or as a deterrent to a U.S. cyber-attack on Russian systems – mutually assured destruction.
The hack became known to insiders last week when a DHS alert bulletin was issued by the agency’s Industrial Control Systems Cyber Emergency Response Team to its industry members. The bulletin said the “BlackEnergy” penetration recently had been detected by several companies.
DHS said “BlackEnergy” is the same malware that was used by a Russian cyber-espionage group dubbed “Sandworm” to target NATO and some energy and telecommunications companies in Europe earlier this year. “Analysis of the technical findings in the two reports shows linkages in the shared command and control infrastructure between the campaigns, suggesting both are part of a broader campaign by the same threat actor,” the DHS bulletin said.
The hacked software is very advanced. It allows designated workers to control various industrial processes through the computer, an iPad or a smart phone, sources said. The software allows information sharing and collaborative control.
Mr. Obama’s push for a deal faces renewed resistance after Tuesday’s elections gave Republicans control of the Senate and added power to thwart an agreement and to impose new sanctions on Iran. Sens. Mark Kirk (R., Ill.) and Robert Menendez (D., N.J.) have introduced legislation to intensify sanctions.
House Speaker John Boehner (R., Ohio) expressed concern when asked about the letter sent by Mr. Obama.
“I don’t trust the Iranians, I don’t think we need to bring them into this,” Mr. Boehner said. Referring to the continuing nuclear talks between Iran and world powers, Mr. Boehner said he “would hope that the negotiations that are under way are serious negotiations, but I have my doubts.”
Arab leaders also fear Washington’s emerging rapprochement with Tehran could come at the expense of their security and economic interests across the Middle East. These leaders have accused the U.S. of keeping them in the dark about its diplomatic engagements with Tehran.
The Obama administration launched secret talks with Iran in the Omani capital of Muscat in mid-2012, but didn’t notify Washington’s Mideast allies of the covert diplomatic channel until late 2013.