DHS' NCCIC: Russian hackers exploiting 'trusted' vendors to access critical power systems

The Department of Homeland Security's National Cybersecurity and Communications Integration Center is warning of malicious cyber activities by the Russian government that seek to exploit established vendor and business relationships to gain access to critical infrastructure systems, including control of power systems that could have resulted in physical harm, such as plant disruptions.

“They had access to control panels to affect physical impacts,” said Jonathan Homer, chief of the industrial control systems section of the NCCIC's incident response division. Homer...