- North Korean hackers stole research data in two-month-long breach
February 2, 2023
A new cyber espionage campaign dubbed ‘No Pineapple!’ has been attributed to the North Korean Lazarus hacking group, allowing the threat actors to stealthily steal 100GB of data from the victim without causing any destruction. The campaign lasted between August and November 2022, targeting organizations in medical research, healthcare, chemical engineering, energy, defense, and a leading ...
- Gone Phishing: Hunting for Malicious Industrial-Themed Emails to Prevent Operational Technology Compromises
January 17, 2023
Phishing is one of the most common techniques used to deliver malware and gain access to target networks. This is not only because of its simplicity and scalability, but also because of its efficiency in exploiting vulnerabilities in human behavior. Despite the existence of sophisticated detection tooling and security awareness of phishing techniques, defenders across ...
- New York Adopts Law Protecting Power Grid from Cyber Attacks
January 4, 2023
New York Gov. Kathy Hochul signed legislation to create cybersecurity protections for the state’s energy grid. The legislation (designated A.3904B/S.5579A) will require utilities to prepare for cyberattacks in their annual emergency response plans, just as they would for storm or other hazards. The new protections also give the Public Service Commission enhanced auditing powers to ensure ...
- Hackers stole data from multiple electric utilities in recent ransomware attack
December 27, 2022
Hackers stole data belonging to multiple electric utilities in an October ransomware attack on a US government contractor that handles critical infrastructure projects across the country, according to a memo describing the hack obtained by CNN. Federal officials have closely monitored the incident for any potential broader impact on the US power sector while private investigators ...
- After ransomware hits Colombian energy firm, Moody’s says low patch rate suggests inadequacies in cyber practices
December 22, 2022
A ransomware attack at top Colombian energy company Empresas Publicas de Medellin (EPM) may damage its credit quality, setting an alarm clock for the critical infrastructure industry to develop efficient mitigation practices and vulnerability management programs, Moody’s said. EPM, one of Colombia’s largest public energy, water, and gas providers suffered from a ransomware attack reported on ...
- Cybersecurity laws to be updated to boost UK protection from cyber attacks
November 30, 2022
The UK’s cybersecurity laws will be updated to require outsourced IT providers to meet security standards as part of efforts to better protect supply chains, the Government has announced. The Network and Information Systems (NIS) Regulations will be updated so third-party firms providing IT services to businesses will be compelled to have effective cybersecurity measures in ...
- US offshore oil and gas installation at ‘increasing’ risk of cyberattack
November 21, 2022
The US Government Accountability Office (GAO) has warned that the time to act on securing the US’s offshore oil and natural gas installations is now because they are under “increasing” and “significant risk” of cyberattack. A report to Congress looked at a network of “more than 1,600 offshore oil and gas facilities,” which the federal watchdog ...
- Electricity/Energy Cybersecurity: Trends & Survey Response
November 16, 2022
Trend Micro conducted a study on the state of industrial cybersecurity in the oil and gas, manufacturing, and electricity/energy industries in 2022. Based on the results of a survey of over 900 ICS business and security leaders in the United States, Germany, and Japan, we will discuss the characteristics of each industry, the motivations and ...
- Cyber vulnerability in networks used by spacecraft, aircraft and energy generation systems
November 15, 2022
A major vulnerability in a networking technology widely used in critical infrastructures such as spacecraft, aircraft, energy generation systems and industrial control systems was exposed by researchers at the University of Michigan and NASA. It goes after a network protocol and hardware system called time-triggered ethernet, or TTE, which greatly reduces costs in high-risk settings by ...
- Shocker: EV charging infrastructure is seriously insecure
November 15, 2022
If you’ve noticed car charging stations showing up in your area, congratulations! You’re part of a growing network of systems so poorly secured they could one day be used to destabilize entire electrical grids, and which contain enough security issues to be problematic today. That’s what scientists at Sandia National Laboratory in Albuquerque, New Mexico have ...
- DTrack activity targeting Europe and Latin America
November 15, 2022
DTrack is a backdoor used by the Lazarus group. Initially discovered in 2019, the backdoor remains in use three years later. It is used by the Lazarus group against a wide variety of targets. For example, Kaspersky researchers seen it being used in financial environments where ATMs were breached, in attacks on a nuclear power ...
- Hive claims ransomware attack on Tata Power, begins leaking data
October 25, 2022
Hive ransomware group has claimed responsibility for a cyber attack disclosed by Tata Power this month. A subsidiary of the multinational conglomerate Tata Group, Tata Power is India’s largest integrated power company based in Mumbai. In screenshots seen by BleepingComputer, Hive operators have posted data they claim to have stolen from Tata Power, indicating that the ransom ...
- Iran’s atomic energy agency confirms hack after stolen data leaked online
October 24, 2022
The Iranian Atomic Energy Organization (AEOI) has confirmed that one of its subsidiaries’ email servers was hacked after the ”Black Reward’ hacking group published stolen data online. AEOI says an unauthorized party from a specific foreign country, which is not named, stole emails from the hacked server, which consisted of daily correspondence and technical memos. The agency ...
- Oil and Gas Cybersecurity: Trends & Response to Survey
October 13, 2022
Trend Micro conducted a study on the state of industrial cybersecurity in the oil and gas, manufacturing, and electricity/energy industries in 2022. Based on the results of a survey of over 900 ICS business and security leaders in the United States, Germany, and Japan, they discuss the characteristics of each industry, the motivations and environmental ...
- Pro-Iranian hackers attack Israeli gas company website
October 9, 2022
Iraqi hacker group “al-Tahara” attacked the websites for two natural gas companies. The first, Energean, is an international company which has done extensive business with Israel, having acquired the Karish and Tanin natural gas fields from Delek Drilling and Avner Oil in 2016. The second, Israel Natural Gas Lines, is a corporation owned by the Israeli ...
- Utility security is so bad, US DoE offers rate cuts to improve it
October 7, 2022
The US Department of Energy has proposed regulations to financially reward cybersecurity modernization at power plants by offering rate deals for everything from buying new hardware to paying for outside help. In a notice of proposed rulemaking published earlier this week (which nullified a similar 2021 plan), the DoE said the time was right “to establish ...
- Moody’s turns up the heat on ‘riskiest’ sectors for cyberattacks
October 3, 2022
About $22 trillion of global debt rated by Moody’s Investors Service has “high,” or “very high” cyber-risk exposure, with electric, gas and water utilities, as well as hospitals, among the sectors facing the highest risk of cyberattacks. That’s more than one-quarter (28 percent) of the $80 trillion in Moody’s rated debt across 71 global sectors, and ...
- Russian Sandworm hackers pose as Ukrainian telcos to drop malware
September 19, 2022
The Russian state-sponsored hacking group known as Sandworm has been observed masquerading as telecommunication providers to target Ukrainian entities with malware. Sandworm is a state-backed threat actor attributed by the US government as part of the Russian GRU foreign military intelligence service. The APT hacking group is believed to have been behind numerous attacks this year, including ...
- Criminals exploiting cost of living crisis with energy rebate scam emails
September 7, 2022
Criminals are cashing in on the energy crisis by offering bogus rebates to try and trick victims into handing over bank account details. Police say in the past fortnight they’ve had nearly 1,600 reports of suspicious emails with links to malicious websites designed to steal personal and financial information. The scam emails pretend to be from the ...
- China-linked APT40 gang targets wind farms, Australian government
August 31, 2022
Researchers at security company Proofpoint and PricewaterhouseCoopers (PWC) said on Tuesday they had identified a cyber espionage campaign that delivers the ScanBox exploitation framework through a malicious fake Australian news site. The campaign, active from April to June of this year, targeted Australian government agencies, Australian media companies and manufacturers who conduct maintenance on wind turbine ...