Security News

A large-scale cyber-espionage campaign targeting primarily renewable energy and industrial technology organizations have been discovered to be active since at least 2019, targeting over fifteen entities worldwide. The campaign was discovered by security researcher William Thomas, a Curated Intelligence trust group member, who employed OSINT techniques like DNS scans and public sandbox submissions.

One sector that I believe is ripe and particularly susceptible to cyber attacks currently is the UK's energy sector. Impacted by a surge in demand for energy by countries across the northern hemisphere, the supply chain that services the UK's critical need for gas and electricity is currently grappling with a widespread energy crisis as we head into winter.

Cybersecurity firm Palo Alto Networks warned over the weekend of an ongoing hacking campaign that has already resulted in the compromise of at least nine organizations worldwide from critical sectors, including defense, healthcare, energy, technology, and education. To breach the orgs networks, the threat actors behind this cyberespionage campaign exploited a critical vulnerability in Zoho's enterprise password management solution known as ManageEngine ADSelfService Plus which allows remotely executing code on unpatched systems without authentication.

Mobile phishing exposure surged 161% within the energy industry between the second half of 2020 and the first half of 2021, a Lookout report reveals. Regional mobile phishing exposure rates: North America, APAC and EMEA. EMEA and APAC employees were 41% and 18% more likely to experience a mobile phishing attack than their North American peers.

Mobile phishing attacks targeting employees in the energy industry have risen by 161% compared to last year's data, and the trend is showing no signs of slowing down. There is a rising trend in phishing attacks targeting the global energy industry across the world.

A previously undocumented threat actor has been identified as behind a string of attacks targeting fuel, energy, and aviation production industries in Russia, the U.S., India, Nepal, Taiwan, and Japan with the goal of stealing data from compromised networks. "The group compromised a subsidiary and penetrated the target company's network through it. Trusted relationship attacks are rare today due to the complexity of their execution. Using this method [], the ChamelGang group was able to achieve its goal and steal data from the compromised network."

Though attackers mainly have been seen targeting Russian organizations, they have attacked targets in 10 countries so far, researchers said in a report by company researchers Aleksandr Grigorian, Daniil Koloskov, Denis Kuvshinov and Stanislav Rakovsky published online Thursday. ChamelGang - like Nobelium and REvil before it - has hopped on the bandwagon of attacking the supply chain first to gain access to its ultimate target, they said.

Zero-trust is a good way to prevent hackers from gaining control of our infrastructure and energy industries, expert says. TechRepublic's Karen Roby spoke with Greg Valentine, solution director for Capgemini, about cybersecurity in the energy sector.

Italian energy company ERG reports "Only a few minor disruptions" affecting its information and communications technology infrastructure following a ransomware attack on its systems. While the Italian renewable energy group only reffered to the incident as a hacker attack, La Repubblica reported that the attack was coordinated by the LockBit 2.0 ransomware group.

The U.S. Department of Energy CyberForce program is expanding this year to include more cyber competitions, webinars and career resources. In 2021, students have many more opportunities to learn about cybersecurity topics and compete within the CyberForce program.