November 2023 saw an unprecedented cyber attack on Denmark’s energy infrastructure. In a co-ordinated breach of 22 companies, criminal gangs gained access to industrial control systems.
Investigators believe at least one of the attackers was acting on behalf of a state. Michael Murphy, who heads Fortinet’s APAC Operational Technology group from the company’s Sydney office, says critical infrastructure was compromised: “Energy generation sites were forced into island operation mode, where they are no longer centrally managed.” He says the affected companies had a next-generation cybersecurity product in place that they assumed would protect them from any threat. It didn’t.
Read more…
Source: The New Zealand Herald News
Sign up for the Cyber Security Review Newsletter
The latest cyber security news and insights delivered right to your inbox
Related:
- When Wi-Fi Encryption Fails: Protecting Your Enterprise from AirSnitch Attacks
April 22, 2026
Enterprises have long trusted Wi-Fi encryption and client isolation to secure their wireless infrastructure. However, Palo Alto conducted research presented at the NDSS Symposium 2026 that reveals that these safeguards can be breached by a novel set of attack techniques that they call AirSnitch. These techniques exploit subtle security issues in protocol-infrastructure interactions to undermine the ...
- Void Dokkaebi uses fake job interview lure to spread malware via code repositories
April 21, 2026
Void Dokkaebi, also tracked as Famous Chollima, is a North Korea-aligned intrusion set that systematically targets software developers who hold cryptocurrency wallet credentials, signing keys, and access to continuous integration/continuous delivery (CI/CD) pipelines and production infrastructure. As previously documented by TrendAI Research, the group poses as recruiters from cryptocurrency and AI firms, luring developers into cloning ...
- Adaptavist Group breach spawns imposter emails as ransomware crew claims mega-haul
April 21, 2026
UK enterprise software consultancy The Adaptavist Group is investigating a security breach after an intruder logged in with stolen credentials, while a ransomware crew claims it grabbed far more than the company is currently admitting. In a letter to customers, Adaptavist’s CEO Simon Haighton-Williams said the biz detected an “IT security incident” in late March after ...
- Amtrak data breach exposes 2.1M records, reports suggest larger leak
April 20, 2026
Booking a train ticket shouldn’t come with a side of data exposure, but that’s the situation Amtrak customers are now facing. The rail service is dealing with a breach after hackers claimed to have accessed and released millions of customer records online. The exposed dataset was confirmed to contain at least 2.1 million unique accounts, although ...
- North Korean hackers blamed for $290M crypto theft
April 20, 2026
Over the weekend, hackers stole more than $290 million in cryptocurrency from Kelp DAO, a protocol that allows users to earn yields on idle crypto investments. By Monday, LayerZero, one of the projects affected by the hack, accused North Korea of carrying out the heist. The hack is now the largest crypto theft of the year ...
- Mythos: An AI tool too powerful for public release
April 20, 2026
Anthropic’s most capable model to date, Claude Mythos Preview (aka Mythos), has been described as a “step change” in AI performance, especially on cybersecurity tasks. Anthropic tried to keep Mythos a secret until a few weeks ago, when a data leak revealed the existence of what the company said was its most powerful artificial intelligence to ...