Reported: March 15, 2018
Details: US-CERT has identified that since May 2016 advanced attackers that could be associated with the Russian government have been conducting sophisticated attacks on critical infrastructure sectors within the United States. The attackers used, and continue to use, a variety of attack methods including:
This campaign is noticeable in that the first targets attacked are not the intended victims. Third party suppliers are being used as pivot points to gain access to their final victims.