In the report, Russian hackers have been hacking for years into several important infrastructure in the US. The power grid, water treatment plant, and air transportation facilities are the main target of the action.
This hacker group has infiltrated more than dozens of power plants in seven states, and extends to several other states in July 2017.
It said in the report, "Since March 2016, Russian cyber criminals have targeted a number of key infrastructure in the US, including the energy, nuclear, commercial, water, aviation and manufacturing sectors."
This is based on analysis from the Department of Homeland Security (DHS) and the Federal Bureau of Investigation (FBI).
The report also details what methods hackers use to infiltrate computer systems across the country.
Before entering into their target network, Russian hackers will hack and hide malware within third party partner systems.
Once entered into the system, hackers can access the target workstation containing the output data from the control system inside the facility.
Not only revealed reports of hacking action by the Russians, US-CERT also released several ways that can be done to avoid hacking action that happens again in the future.
Mentioned, companies are asked to train their workers on how to use email better and correctly. They also recommend using two-factor authentication for employees and setting rules for password usage.