- UK Nuclear body opens cyber security hub
November 27, 2024
A nuclear body has launched a cyber security hub to help protect itself from IT threats. The Nuclear Decommissioning Authority (NDA) opened the centre at Herdus House in Moor Row, near the Sellafield nuclear plant in Cumbria. It said the Group Cyberspace Collaboration Centre (GCCC) provided a space for experts to share knowledge on how to ...
- FrostyGoop’s Zoom-In: A Closer Look into the Malware Artifacts, Behaviors and Network Communications
November 19, 2024
In July 2024, the operational technology (OT)-centric malware FrostyGoop/BUSTLEBERM became publicly known, after attackers used it to disrupt critical infrastructure. The outage occurred after the Cyber Security Situation Center (CSSC), affiliated with the Security Service of Ukraine, disclosed details of an attack on a municipal energy company in Ukraine in early 2024. FrostyGoop is the ninth ...
- Earth Simnavaz (aka APT34) Levies Advanced Cyberattacks Against Middle East
November 11, 2024
Recently, Trend Micro has been tracking Earth Simnavaz (also known as APT34 and OilRig), a cyber espionage group. This group primarily targets organizations in the energy sector, particularly those involved in oil and gas, as well as other infrastructure. It is known for using sophisticated tactics, techniques, and procedures (TTPs) to gain unauthorized access to networks ...
- Analysis of the Crypt Ghouls group: continuing the investigation into a series of attacks on Russia
October 18, 2024
Last December, Kaspersky researchers discovered a new group targeting Russian businesses and government agencies with ransomware. Further investigation into this group’s activity suggests a connection to other groups currently targeting Russia. Kaspersky researchers have seen overlaps not only in indicators of compromise and tools, but also tactics, techniques, and procedures (TTPs). Moreover, the infrastructure partially overlaps ...
- UK’s Sellafield nuclear waste processing plant fined £333K for infosec blunders
October 4, 2024
The outfit that runs Britain’s Sellafield nuclear waste processing and decommissioning site has been fined £332,500 ($440,000) by the nation’s Office for Nuclear Regulation (ONR) for its shoddy cybersecurity practices between 2019 and 2023. Sellafield, located in Cumbria, England, manages more radioactive waste than any other nuclear site in the world, and decommissioning work happening at ...
- Principles of operational technology cyber security
October 1, 2024
Critical infrastructure organisations provide vital services, including supplying clean water, energy, and transportation, to the public. These organisations rely on operational technology (OT) to control and manage the physical equipment and processes that provide these critical services. As such, the continuity of vital services relies on critical infrastructure organisations ensuring the cyber security and safety ...
- NATO trains countries to respond to cyber attacks on renewables
September 26, 2024
As the war in Ukraine rages on and Russia pounds Ukraine’s energy facilities, Europe’s renewable energy sector is increasingly vulnerable to hybrid warfare. In Jönköping, NATO has set up an exercise training participants to deter, prepare and react to hybrid cyber security threats to renewable energy sources. Under the Nordic Pine Hybrid Threats to Renewable Energy ...
- Head Mare: adventures of a unicorn in Russia and Belarus
September 2, 2024
Head Mare is a hacktivist group that first made itself known in 2023 on the social network X (formerly Twitter). In their public posts, the attackers reveal information about some of their victims, including organization names, internal documents stolen during attacks, and screenshots of desktops and administrative consoles. By analyzing incidents in Russian companies, Kaspersky researchers ...
- Halliburton probes impact of cyber attack with law enforcement
August 24, 2024
Top U.S. oilfield services firm Halliburton said on Friday it was working with law enforcement to determine the extent of a computer systems breach and was yet to determine if the incident would have a material impact on its business. The $23-billion company became aware of the cyber attack on Wednesday, it said in its first ...
- Europe’s leading solar power grid is ‘vulnerable’ to hackers
August 21, 2024
A recent study by a cybersecurity firm confirmed that the Dutch solar energy grid is vulnerable to multiple types of attacks on its system. A new study by a cybersecurity firm confirmed that one of Europe’s largest solar energy grids is vulnerable to multiple types of attacks on its system. Over a six-month period, researchers with ...
- BVI Electricity Corporation suffers cyber attack
August 20, 2024
The BVI Electricity Corporation (BVIEC) announced on Monday, August 19, that it had fallen victim to a cyberattack. The power company stated that the attack has impacted both their internal and external operations. While the full details of the cyberattack have not been disclosed, BVIEC has assured the public that they are working closely with experts ...
- BlindEagle flying high in Latin America
August 19, 2024
BlindEagle, also known as “APT-C-36”, is an APT actor recognized for employing straightforward yet impactful attack techniques and methodologies. The group is known for their persistent campaigns targeting entities and individuals in Colombia, Ecuador, Chile, Panama and other countries in Latin America. They have been targeting entities in multiple sectors, including governmental institutions, financial companies, energy ...
- Venezuela is the Victim of a Cyber Coup
August 10, 2024
On Friday, Joaquin Perez, the Deputy Ambassador of Venezuela to the United Nations, participated in the United Nations Convention on Cybercrime meeting held in New York. The Bolivarian diplomat denounced that Venezuela is being subjected to a cyber coup d’état orchestrated by transnational far-right powerful actors who control major media outlets and social networks. “The meeting ...
- UK: 48 cyber breaches of utility companies recorded last year, a 586% increase on 2022
July 29, 2024
The number of successful cyber attacks against UK utility companies has risen to 48 in 2023, a 586% increase on the seven cases in 2022, says global specialty (re)insurance group Chaucer. So far these cyber attacks have been largely restricted to the theft of data or ransomware attacks. There have been concerns that cyber attacks designed ...
- FBI: Renewable energy systems vulnerable to cyber attacks
July 2, 2024
The FBI has issued an official alert to the public about the potential for malicious cyber actors to disrupt power generation, steal intellectual property, or hold critical information for ransom within the U.S. renewable energy sector. The warning comes as federal and local governments increasingly advocate for renewable energies, expanding the industry and creating more opportunities ...
- More ways Israel could strike Iran, from cyber attacks to assassinations
April 20, 2024
For years, the two countries in the Middle East targeted each other’s military and intelligence sites in cyber attacks. The best known, from Israel’s side, was Stuxnet – reportedly developed jointly by the U.S. and Israel — that struck the computer system of the Natanz nuclear site, an underground facility in central Iran. The New York ...
- Threat landscape for industrial automation systems. H2 2023
March 19, 2024
In the second half of 2023, the percentage of ICS computers on which malicious objects were blocked decreased by 2.1 pp to 31.9%. In H2 2023, building automation once again had the highest percentage of ICS computers on which malicious objects were blocked of all industries that we looked at. Oil and Gas was the only ...
- Is Cybersecurity The Achilles’ Heel Of The Electric Vehicle Revolution?
March 12, 2024
The electric vehicle (EV) sector, though nascent and in its formative years, faces numerous challenges. Recent concerns, such as “range anxiety” (a vehicle battery’s charge and ability to complete a planned journey) among consumers and incidents of vehicles losing power in cold temperatures, have contributed to a slowdown in adoption. While the trajectory of electric vehicle ...
- Large-Scale Crypto Mining Consumes 2% of US Electricity
February 4, 2024
A recent analysis by the Energy Information Agency (EIA) estimates that large-scale cryptocurrency operations consume more than 2% of the country’s electricity. And as Ars Technica noted in a report on Friday (Feb. 2), that’s around the equivalent of adding another state to the country’s power grid. While there is some smaller-scale mining happening on home ...
- Veolia North America hit by ransomware attack
January 24, 2024
A department in Veolia North America, a transnational company offering water, energy and waste recycling management services, suffered a ransomware attack which resulted in the theft of some personal data, and forced the company to take parts of its infrastructure offline. In a press release published on the Veolia website, the company confirmed its Municipal Water ...