DHS, FBI Analysis Uncovers Evidence Russia Is Hacking Power Grid

Today’s topics include the U.S. government accusing Russia of hacking the power grid and Google enhancing mobility security management in Chrome Enterprise.

After a joint Department of Homeland Security and FBI analysis, the U.S. government warned on March 15 that Russian government hackers have taken direct aim at the U.S. power grid, as well as other critical manufacturing sectors.

According to the analysis, Russian hackers have been active since at least March 2016, and a US-CERT advisory states the actors "targeted small commercial facilities’ networks where they staged malware, conducted spear phishing, and gained remote access into energy sector networks. After obtaining access, [they] conducted network reconnaissance, moved laterally, and collected information pertaining to Industrial Control Systems."

To defend against Russian hackers, Galina Antova, co-founder of ICS security firm Claroty, suggests calling out nation-state actors when the evidence is reliable.

In an effort to revamp Chrome Enterprise, Google’s business-friendly version of its operating system, to give organizations more options for managing and implementing security policies across devices, the company on March 15 announced partnerships with four enterprise mobility management vendors: Cisco Meraki, Citrix, IBM and ManageEngine, a division of Zoho.

The goal is to give organizations more product options for managing endpoint devices from a unified interface while building on secure access and integration capabilities unavailable to consumers in the regular Chrome OS version.

Google Product Manager David Karam said, "For many businesses, managing a broad range of devices within one unified endpoint management solution is a necessity.” The new partnerships will "give IT admins the ability to manage and implement security policies across their full fleet of devices from a single place.”