U.S. government asks firms to check networks after (so called Russian) 'Energetic Bear' attacks
(Reuters) - The U.S. government has asked critical infrastructure operators to review computer networks to see if they are infected with malicious software from the "Energetic Bear" hacking group, which private researchers say is tied to the Russian government.
The Department of Homeland Security's Industrial Control Systems Cyber Emergency Response Team, or ICS-CERT, issued the request after researchers with F-Secure of Finland and Symantec Corp of the United States reported that they believed Energetic Bear was behind a campaign to infect energy and industrial firms around the world with malicious software known as the Havex Trojan.
ICS-CERT on Tuesday advised critical infrastructure operators to tighten security, and provided them a list of specific steps to better protect their systems. It also asked them to check to see if their systems had been infected.
"ICS-CERT strongly recommends that organizations check their network logs for activity associated with this campaign," DHS said in an alert on its website Tuesday.