Warnings are coming from several official quarters that Russian hacking of American infrastructure, especially the power grid, is a looming threat. Several reports, rendered both to Congress and the media, describe extensive battlespace preparation and successful compromise of electrical power infrastructure control centers. Industry sources vigorously second the warnings. (Security industry comments run from "well this is the new normal" to "we've known this for years—what took you so long?") In truth, as some point out, such alerts have been sounded for some years, but they're being delivered with unusual urgency this time around.
The warnings come as the US Congress shapes the defense authorization bill, in which cyber provisions figure prominently. Congress is in a mood to take a hard line, with calls for retaliation in kind (or worse) to cyberattacks. There is also a move afoot in the Senate to form a commission to study and develop advice on cybersecurity policy.
Several familiar criminal tools are resurfacing in updated form. Sophos is seeing a new version of the Red Alert banking Trojan (Red Alert 2.0). Proofpoint reports that Kronos is back. It's another banking Trojan, this one first observed in 2014, and it made its reappearance recently with attacks in Germany. And Palo Alto Networks and others note a resurgence of the Mirai and Gafgyt botnets.
The maritime shipping firm Cosco reports that a malware infection is impeding, but not stopping, its operations. The infestation apparently began at Cosco terminals in the US port of Long Beach, California.