Continued Threats to U.S. Banking and Energy

August 28, 2014

In April, FishNet Security’s Global Threat Intelligence Center (gTIC) assessed that the Obama administration’s enhanced sanctions against Russia could open the possibility of retaliatory attacks on U.S. banking, energy and media outlets. It appears that this has come to fruition, with new reports of Russian hackers being investigated by the Federal Bureau of Investigation for attacks against JPMorgan Chase & Co.

Russia commonly uses proxies and deception when carrying out attacks against targets in the cyber realm to obfuscate state-sponsored actions. During the 2008 Russo-Georgian War, Russian “patriots” used Denial of Service (DoS) attacks against Georgian media, communications, transportation and government infrastructure. At the onset of Russian involvement in Ukraine, communications in Crimea were physically attacked, reportedly by Russian forces, at Ukrtelecom, the predominant communications provider in the area. In addition, there were reports earlier this summer of attacks targeting the energy sector, which have been attributed to Russia. It has been assessed that Russia holds a loose grip, but a grip nonetheless, on criminal hackers within the Russian Federation, known mostly as the Russian Business Network (RBN).

In light of the continued escalation in Ukraine (stemming from the civil war, Russia’s annexation of Crimea, enhanced U.S. sanctions and the downed aircraft in June) and continued U.S. diplomatic involvement with the U.N., we assess with high confidence that attacks against U.S.-based infrastructure will continue. Attack vectors include spear phishing and watering hole attacks designed to gain access to targeted systems using malware such as remote access Trojans (RATs).

FishNet Security recommends that all organizations follow established best practices for vulnerability patching, antivirus signature updates and monitoring of log traffic for anomaly detection.

FishNet Security’s gTIC will continue to monitor this threat as it progresses and take proactive measures within our Managed Security Services to identify and detect events associated with known indicators and tactics attributed to this actor.
