Energy

June 5, 2025

The Industrial Internet of Things (IIoT) has transformed how industries operate, delivering efficiencies and insights previously unimaginable. Businesses across manufacturing, logistics, energy, and supply-chain sectors are now rapidly connecting legacy factory equipment, RFID-enabled assets, and operational technologies to cloud-based analytics platforms. But as companies accelerate their adoption of these powerful technologies, they’re opening the door to ...

May 14, 2025

Nigeria’s strategic oil and gas industry has been urged to beef up its cyber security and avoid massive potential cost to the economy if current measures fail. According to Check Point’s African Perspectives on Cyber Security Report 2024, Nigeria continues to face one of the highest frequencies of cyber attacks in Africa, with organisations being attacked ...

April 28, 2025

A major power outage hit Spain and Portugal on Monday, including their capitals, knocking out subway networks, phone lines, traffic lights and ATM machines. It is rare to have such a widespread outage there. Spanish generator Red Eléctrica said it affected the Iberian peninsula and the incident is being assessed. The countries have a combined population ...

April 23, 2025

The Cybersecurity and Infrastructure Security Agency (CISA), Department of Homeland Security (DHS) Science and Technology Directorate (S&T) and the Idaho National Laboratory (INL) hosted Louisiana State University (LSU) and several energy industry and critical infrastructure partners to train against simulated, high-impact cyberattacks on operational technology (OT) and traditional information technology (IT) at CISA’s Control Environment ...

April 11, 2025

Kimsuky, alias Mystery Baby, Baby Coin, Smoke Screen, Black Banshe, etc., is tracked internally by Qi’anxin as APT-Q-2. The APT group was publicly disclosed in 2013, with attack activity dating as far back as 2012. Kimsuky’s main target for attacks has been South Korea, involving defense, education, energy, government, healthcare, and think tanks, with a focus ...

April 10, 2025

GOFFEE is a threat actor that first came to our attention in early 2022. Since then, Kaspersky researchers have observed malicious activities targeting exclusively entities located in the Russian Federation, leveraging spear phishing emails with a malicious attachment. Starting in May 2022 and up until summer of 2023, GOFFEE deployed modified Owowa (malicious IIS module) in ...

March 30, 2025

The increasing use of solar power has exposed critical cybersecurity vulnerabilities in inverters, cloud computing services, and monitoring platforms, creating an insecure ecosystem where hackers can manipulate energy production, disrupt power grids, and steal sensitive data, posing serious risks to global energy infrastructure, experts have warned. A study by Forescout – Vedere Labs identified 46 new ...

March 19, 2025

A hacker group has disrupted the communication networks of ships belonging to two major Iranian shipping companies sanctioned by the US. The group, called Lab Dookhtegan or “Read My Lips”, said it has disrupted the communication networks of 116 ships and therefore, severed the ships’ connections to each other, their ports, and external communication channels, according ...

March 10, 2025

Last year, Kaspersky researchers published an article about SideWinder, a highly prolific APT group whose primary targets have been military and government entities in Pakistan, Sri Lanka, China, and Nepal. In the article, they described activities that had mostly happened in the first half of the year. The researchers tried to draw attention to the group, ...

February 17, 2025

Dr. Mohammed Hamad Al Kuwaiti, Chairman of the UAE Cybersecurity Council, stated that the UAE possesses an advanced cybersecurity system capable of predicting and countering most electronic attacks before they occur. He noted that the average daily cyberattacks on key sectors exceeds 50,000, all of which are proactively deterred and mitigated. In statements to the Emirates ...

February 12, 2025

Microsoft is publishing for the first time their research into a subgroup within the Russian state actor Seashell Blizzard and its multiyear initial access operation, tracked by Microsoft Threat Intelligence as the “BadPilot campaign”. This subgroup has conducted globally diverse compromises of Internet-facing infrastructure to enable Seashell Blizzard to persist on high-value targets and support tailored ...

January 31, 2025

On the anniversary of the Battle of Kruty, a cyber unit of Ukraine’s Main Intelligence Directorate launched a DDoS attack on the digital infrastructure of Russia’s Gazprom and Gazpromneft. In particular, Ukrainian cyber professionals attacked the online services of the enterprises that support the activities of the Russian army. From January 28, 2025, company clients were ...

December 30, 2024

Singapore OSV owner and operator Vallianz has been hit by a cyberattack that has allowed an unknown party unauthorised access to the company’s servers. Upon discovering the ransomware incident, the firm – and its parent company Rawabi Holding Company Limited – took immediate action to identify, contain, and address the incident with the help of external ...

December 10, 2024

Romanian energy supplier Electrica Group has confirmed suffering a cyberattack in the latest incident to hit major institutions in the country. In a press announcement, the company said it was investigating an “ongoing cyberattack” together with the local law enforcement. The company did not detail the attack, its nature, goal, or the identity of the threat ...

December 10, 2024

The U.S. sanctioned a Chinese cybersecurity company and one of its employees for exploiting a zero-day vulnerability in Sophos firewalls to target U.S. organizations. On Tuesday, the U.S. Treasury Department said Guan Tianfeng, an employee of Sichuan Silence, used the vulnerability to compromise approximately 81,000 firewalls in April 2020. The hacking campaign, detailed by Sophos in ...

November 27, 2024

The FBI has been investigating a longtime Exxon Mobil consultant over the contractor’s alleged role in a hack-and-leak operation that targeted hundreds of the oil company’s biggest critics, according to three people familiar with the matter. The operation involved mercenary hackers who successfully breached the email accounts of environmental activists and others, the sources told Reuters. ...

November 27, 2024

A nuclear body has launched a cyber security hub to help protect itself from IT threats. The Nuclear Decommissioning Authority (NDA) opened the centre at Herdus House in Moor Row, near the Sellafield nuclear plant in Cumbria. It said the Group Cyberspace Collaboration Centre (GCCC) provided a space for experts to share knowledge on how to ...

November 19, 2024

In July 2024, the operational technology (OT)-centric malware FrostyGoop/BUSTLEBERM became publicly known, after attackers used it to disrupt critical infrastructure. The outage occurred after the Cyber Security Situation Center (CSSC), affiliated with the Security Service of Ukraine, disclosed details of an attack on a municipal energy company in Ukraine in early 2024. FrostyGoop is the ninth ...

November 11, 2024

Recently, Trend Micro has been tracking Earth Simnavaz (also known as APT34 and OilRig), a cyber espionage group. This group primarily targets organizations in the energy sector, particularly those involved in oil and gas, as well as other infrastructure. It is known for using sophisticated tactics, techniques, and procedures (TTPs) to gain unauthorized access to networks ...

October 18, 2024

Last December, Kaspersky researchers discovered a new group targeting Russian businesses and government agencies with ransomware. Further investigation into this group’s activity suggests a connection to other groups currently targeting Russia. Kaspersky researchers have seen overlaps not only in indicators of compromise and tools, but also tactics, techniques, and procedures (TTPs). Moreover, the infrastructure partially overlaps ...