Security News

As important as bulletproof vests: Yubico sends 20,000 keys to Ukrainian government and energy agencies
2022-05-10 20:58

He asked Yubico for help deploying the security keys to the Ukrainian government. "We needed to have a lot of keys to deploy but we didn't have this amount of keys in our warehouse," he said.

Sandworm hackers fail to take down Ukrainian energy provider
2022-04-12 12:03

The Russian state-sponsored hacking group known as Sandworm tried on Friday to take down a large Ukrainian energy provider by disconnecting its electrical substations with a new variant of the Industroyer malware for industrial control systems and a new version of the CaddyWiper data destruction malware. The threat actor used a version of the Industroyer ICS malware customized for the target high-voltage electrical substations and then tried to erase the traces of the attack by executing CaddyWiper and other data-wiping malware families tracked as Orcshred, Soloshred, and Awfulshred for Linux and Solaris systems.

Triton malware still a threat to energy sector, FBI warns
2022-03-28 12:30

The new FBI warning [PDF] came a day after the US Department of Justice unsealed a pair of indictments that detail alleged Russian government efforts to use supply chain attacks and malware in an attempt to compromise and control critical infrastructure. One of the two indictments involves Triton malware and its use in the 2017 attack.

US DoJ reveals Russian supply chain attack targeting energy sector
2022-03-25 06:45

The United States Department of Justice has unsealed a pair of indictments that detail alleged Russian government hackers' efforts to use supply chain attacks and malware in an attempt to compromise and control critical infrastructure around the world - including at least one nuclear power plant. The trio allegedly spent 2012 to 2014 working on a project code-named "Dragonfly" during which a supply chain attack targeted updates of industrial control systems and supervisory control and data acquisition systems.

Energy, oil and utility sector most likely to pay ransoms
2022-02-15 06:00

CyberSaint announced the release of a report which identifies which sectors pay the most in ransom, have the propensity to pay and delves into the future of ransomware. Since these sectors provide vital services, organizations are more likely to pay the ransom to protect the stolen data and restore provided services.

Cyber espionage campaign targets renewable energy companies
2022-01-17 16:38

A large-scale cyber-espionage campaign targeting primarily renewable energy and industrial technology organizations have been discovered to be active since at least 2019, targeting over fifteen entities worldwide. The campaign was discovered by security researcher William Thomas, a Curated Intelligence trust group member, who employed OSINT techniques like DNS scans and public sandbox submissions.

Why the UK’s energy sector is fragile and ripe to cyber attacks
2022-01-03 05:50

One sector that I believe is ripe and particularly susceptible to cyber attacks currently is the UK's energy sector. Impacted by a surge in demand for energy by countries across the northern hemisphere, the supply chain that services the UK's critical need for gas and electricity is currently grappling with a widespread energy crisis as we head into winter.

State hackers breach defense, energy, healthcare orgs worldwide
2021-11-08 08:34

Cybersecurity firm Palo Alto Networks warned over the weekend of an ongoing hacking campaign that has already resulted in the compromise of at least nine organizations worldwide from critical sectors, including defense, healthcare, energy, technology, and education. To breach the orgs networks, the threat actors behind this cyberespionage campaign exploited a critical vulnerability in Zoho's enterprise password management solution known as ManageEngine ADSelfService Plus which allows remotely executing code on unpatched systems without authentication.

Mobile phishing exposure in the energy industry surged 161% in 2021
2021-11-08 05:00

Mobile phishing exposure surged 161% within the energy industry between the second half of 2020 and the first half of 2021, a Lookout report reveals. Regional mobile phishing exposure rates: North America, APAC and EMEA. EMEA and APAC employees were 41% and 18% more likely to experience a mobile phishing attack than their North American peers.

Mobile phishing attacks targeting energy sector surge by 161%
2021-11-03 14:28

Mobile phishing attacks targeting employees in the energy industry have risen by 161% compared to last year's data, and the trend is showing no signs of slowing down. There is a rising trend in phishing attacks targeting the global energy industry across the world.