Russia is increasing its cyber capabilities in what is seen as the latest threat to global stability, and malware developed in the country is already breaching industrial control systems.
This was the worrying situation outlined by the US in the latest Worldwide Threat Assessment report, which places cyber attacks as the biggest threat to the US and the wider world at present.
“The likelihood of a catastrophic attack from any particular actor is remote at this time. Rather than a ‘cyber Armageddon’ that debilitates the entire US infrastructure, we envision something different,” said the report.
“We foresee an ongoing series of low- to moderate-level cyber attacks from a variety of sources over time, which will impose cumulative costs on US economic competitiveness and national security.”
One of the rising threats in this sphere is coming from Russia. The report claims that the country’s defence ministry is establishing a command centre to carry out cyber-related activities.
This includes “inserting malware into energy command and control systems”, attacks which have already proved successful.
“Computer security studies assert that unspecified Russian cyber actors are developing means to access industrial control systems [ICS] remotely,” said the report.
“These systems manage critical infrastructure such as electric power grids, urban mass-transit systems, air traffic control, and oil and gas distribution networks.
“These unspecified Russian actors have successfully compromised the product supply chains of three ICS vendors so that customers download exploitative malware directly from the vendors’ websites along with routine software updates, according to private sector cyber security experts.”
James Clapper, US director of national intelligence, underlined the extent of this threat from Russia as he delivered the report to the Senate Armed Services Committee, saying that the Russian cyber threat is “more severe than we had previously assessed”.
The report also outlined the continued cyber threat from Iran, China and North Korea, citing the recent Sony hack by North Korea as an example of the clear damage such incidents can cause.
“North Korea uses its cyber capabilities for political objectives,” the report said.
“The North Korean government was responsible for the November 2014 cyber attack on Sony Pictures Entertainment, which stole corporate information and introduced hard drive-erasing malware into the company’s network infrastructure.”
The Sony hack is seen as a watershed moment in the security world, and companies are waking up to the idea of a hack carried out to cause disruption rather than steal corporate data.