Energy


  • Hacker claims to have hit General Electric and stolen company data

    November 27, 2023

    A hacker with the alias IntelBroker claims to have breached General Electric and stolen plenty of sensitive data from the company’s systems. The company operates in different fields, including aerospace, renewable energy, power, venture capital, and more. The hacker posted a new thread on an underground forum, selling access to the company’s “development and software pipelines” ...

  • Singapore cyber defenders fend off simulated attacks against cellular, gas and airport systems

    November 24, 2023

    As simulated attackers tried to overload an electrical system, cripple a water distribution network and shut down a gas plant, cyber defence operators across 26 national agencies sprung into action to neutralise the assaults on a fictional state’s critical infrastructure. These were among the scenarios that more than 200 participants went through from Nov 22 to ...

  • Cisco aids Ukraine in cyber defense with modified switches to counter Russian attacks

    November 23, 2023

    Cisco has proactively shipped modified switches to Ukrenergo, the state-owned electricity grid operator in Ukraine, to bolster its defenses against Russian cyberattacks targeting energy infrastructure. These attacks have included the use of GPS-jamming tactics, which disrupt the high-voltage energy subsystems crucial for power distribution and damage assessment. The reliance of Ukraine’s substations on GPS for time ...

  • Data stolen in hack of nuclear energy testing facility Idaho National Lab

    November 20, 2023

    The Idaho National Laboratory, part of the U.S. Department of Energy and one of the country’s foremost advanced nuclear energy testing labs, has suffered a breach that released the details of employees online. A hacking group called SiegeSec took responsibility for the breach, which occurred Sunday night. In a statement to local media, INL media spokesperson ...

  • Enhancing Computer Security for Nuclear Safety and Security

    November 16, 2023

    Nuclear safety and nuclear security share the same objective and vision: to protect individuals, societies and the environment from the potential harmful effects of ionizing radiation. Though the activities that address nuclear safety and nuclear security are different, it is essential to establish a well-coordinated approach to managing their interface. It is important to ensure that ...

  • Sandworm Disrupts Power in Ukraine Using a Novel Attack Against Operational Technology

    November 9, 2023

    In late 2022, Mandiant responded to a disruptive cyber physical incident in which the Russia-linked threat actor Sandworm targeted a Ukrainian critical infrastructure organization. This incident was a multi-event cyber attack that leveraged a novel technique for impacting industrial control systems (ICS) / operational technology (OT). The actor first used OT-level living off the land (LotL) ...

  • Updated MATA attacks industrial companies in Eastern Europe

    October 18, 2023

    In early September 2022, Kaspersky researchers discovered several new malware samples belonging to the MATA cluster. As they were collecting and analyzing the relevant telemetry data, they realized the campaign had been launched in mid-August 2022 and targeted over a dozen corporations in Eastern Europe from the oil and gas sector and defense industry. The actors ...

  • Redfly: Espionage Actors Continue to Target Critical Infrastructure

    September 12, 2023

    Espionage actors are continuing to mount attacks on critical national infrastructure (CNI) targets, a trend that has become a source of concern for governments and CNI organizations worldwide. Symantec’s Threat Hunter Team has found evidence that a threat actor group Symantec calls Redfly used the ShadowPad Trojan to compromise a national grid in an Asian ...

  • Analyzing Cuba ransomware

    September 11, 2023

    The group’s offensives first got on Kaspersky researchers radar in late 2020. Back then, the cybercriminals had not yet adopted the moniker “Cuba”; they were known as “Tropical Scorpius”. Cuba mostly targets organizations in the United States, Canada and Europe. The gang has scored a series of resonant attacks on oil companies, financial services, government ...

  • UK: National Grid plots ‘honeypots’ to catch hackers as cyber attacks ramp up

    August 30, 2023

    National Grid is to set “honeypots” and plant false documents online as part of efforts to counter a surge in cyber attackers. The Grid has advertised a contract worth more than a million pounds to secure advanced cyber “deception” technology to help improve its digital defences. The London-listed infrastructure provider, which runs Britain’s electricity network and ...

  • IAEA: Improving Computer Security Anomaly Detection Techniques through Coordinated Research Projects

    August 25, 2023

    Identifying anomalies in the operations of computer systems that control critical safety and security functions calls for extensive expertise, and the actions required need to be tested, analysed and amended in order to be robust. “Anomaly detection plays an important part in early assessment of possible threats targeting the computer-based systems at nuclear and radiological facilities,” ...

  • Cyber attack on Aussie energy services firm may hit UK CNI

    August 21, 2023

    Operators of critical utility infrastructure across the UK may have been affected by a developing cyber attack on the systems of Energy One, an Australia-based supplier of software and services for the energy sector. The ongoing incident was disclosed via a statement to the Australian Securities Exchange (ASX) on the morning of Monday 21 August (Sunday ...

  • Unknown actor targets power generator with DroxiDat and Cobalt Strike

    August 10, 2023

    Recently Kaspersky pushed a report about an interesting and common component of the cybercrime malware set – SystemBC. And, in much the same vein as the 2021 Darkside Colonial Pipeline incident, they found a new SystemBC variant deployed to a critical infrastructure target. This time, the proxy-capable backdoor was deployed alongside Cobalt Strike beacons in ...

  • Cyberattacks targeting utility firms at ‘alarmingly high levels’

    August 2, 2023

    Utility firms such as electricity providers have become the new frontier for cyberattacks, reaching “alarmingly high levels” last year, the International Energy Agency (IEA) has warned. Russia’s invasion of Ukraine gave fresh impetus to cyber criminals to attack electricity grids and demand ransoms from energy companies scarcely able to defend themselves due to a cybersecurity ...

  • US officials search for hidden Chinese malware that could affect military operations

    July 29, 2023

    US officials are searching for Chinese malware hidden in various defense systems that could disrupt military communications and resupply operations, The New York Times reported Saturday. The administration believes malicious computer code has been hidden inside “networks controlling power grids, communications systems and water supplies that feed military bases,” officials told the Times. Read more… Source: CNN News  

  • TSA updates, renews cybersecurity requirements for pipeline owners, operators

    July 26, 2023

    The Transportation Security Administration (TSA) announced an update to its Security Directive regarding oil and natural gas pipeline cybersecurity. This revised directive will continue the effort to reinforce cybersecurity preparedness and resilience for the nation’s critical pipelines. Developed with input from industry stakeholders and federal partners, including the Cybersecurity and Infrastructure Security Agency (CISA) and the ...

  • Securing Digital Technologies of the Next Generation of Nuclear Reactors

    July 25, 2023

    All innovations bring potential benefits that could transform industries, but they also bring potential risks. In the nuclear field, advanced nuclear reactors, including small modular reactors (SMRs), are incorporating innovative technologies, particularly digital technologies that yield novel solutions. There is growing interest in SMRs. These advanced nuclear reactors have a limited power capacity — typically ...

  • US energy department, other agencies hit in global hacking spree

    July 16, 2023

    The U.S. Department of Energy and several other federal agencies were hit in a global hacking campaign that exploited a vulnerability in widely used file-transfer software, officials said on Thursday. Data was “compromised” at two entities within the energy department when hackers gained access through a security flaw in MOVEit Transfer, the department said in a ...

  • Utility cyber threats on the rise, but experts say don’t forget basics

    July 12, 2023

    “There’s an increase in threat actors targeting critical infrastructure,” said Katell Thielemann, a Gartner research analyst focused on risk and security for cyber-physical systems. “And there’s an enhanced sensitivity that threat actors are probing infrastructure.” Since 2021, the U.S. Department of Energy’s annual summary of electric disturbance events shows an uptick in cyber activity. And cyber ...

  • How Computer Security Exercises Help Increase Readiness for Response to Cyberattacks in Nuclear Security

    June 20, 2023

    Historically, nuclear facilities have focused on securing their nuclear material against malevolent attacks by putting in place physical protection measures such as guns, guards and gates. These measures are still used to successfully build fortresses around nuclear facilities, preventing theft of nuclear or other radioactive material, sabotage or unauthorized access to control systems. However, in recent ...