Trojan Horse Malware Has Penetrated (Since 2011) Software That Runs Much Of U.S.’s Critical Infrastructure — Likely Russian State-Sponsored Cyber Op — Digital Preparation Of The ‘Battlefield’

November 7, 2014 

Jack Cloherty and Pierre Thomas from ABC News reported yesterday (Nov. 6, 2014), that “a destructive “Trojan horse” malware program has penetrated the software that runs much of the nation’s critical infrastructure; and, is poised to cause an economic catastrophe,” according to the Department of Homeland Security (DHS). ABC News cites “national security sources as saying that the malicious malware was most likely inserted by the Russian government; and, that the threat remains very serious.” ABC News adds that “the hacked software is used to control industrial operations like oil and gas pipelines, power transmission grids, water distribution and filtration systems, wind turbines, and even some nuclear plants.”

According to a DHS bulletin, the hacking campaign has been ongoing since at least 2011; but, no attempt to activate the malware has been made — to “modify, damage, or otherwise disrupt the industrial control process.” DHS sources reportedly told ABC News that “they think this is no random attack; and, they fear that the Russians have torn a page from the Cold War playbook; and, have placed the malware in key U.S. systems as a threat — and/or, as a deterrent to a [potential future] U.S. cyber attack on Russian systems — a Mutually Assured [Cyber] Destruction.” The breach reportedly became known last week when a DHS alert bulletin was issued by the agency’s Industrial Control Systems Cyber Emergency Response Team to its industry members. The bulletin said the “Black Energy,” penetration recently had been detected by several companies.

DHS added that “Black Energy,” is the same malware used by a Russian cyber-espionage group dubbed “SandWorm,” to target NATO, and some energy and telecommunications companies in Europe earlier this year. “Analysis of the technical findings in the two reports shows linkages in the shared command-and-control infrastructure between the campaigns, suggesting both are part of a broader campaign by the same threat actor,” the DHS bulletin noted. 

ABC News added that “the software is very advanced; and, allows workers to control various industrial processes through the computer, an iPad, or, smartphones, — as well as information sharing and collaborative control.