March 22, 2023

Four new hacking groups targeting industrial systems have been detected over the past year and there’s an increased amount of investment from cyber attackers targeting industry and industrial control systems including electric power, water, oil and gas, and manufacturing steal information and cause disruption.

The four new groups identified over the course of the past year named by researchers as Stibnite, Talonite, Kamacite, and Vanadinite targeting industrial control systems.

Stibnite focuses on wind turbine companies that generate electric power in Azerbaijan, while Talonite almost exclusively focuses on attempting to gain access to electricity providers in the US.

Kamacite links to the Sandworm group has targeted industrial operations of energy companies across North America and Europe.

Vanadinite conducts operations against energy, manufacturing and transport across North America, Europe, Australia and Asia, with a focus on information gathering and ICS compromise.

The more visibility we build in the OT space, the greater understanding of its threat landscape and the adversaries active there we can identify. OT network attacks requires a different approach than traditional IT security.

Hackers are able to combine this lack of visibility with the ability to hide in plain sight by abusing legitimate login credentials to help move around the network. Campaigns targeting industrial systems involve phishing attacks or the exploitation of remote services, allowing the attackers to use real accounts to perform malicious activity while helping to avoid being detected as suspicious.

This activity could have physical effects away from a network environment, as recently demonstrated when a malicious hacker was able to modify the chemical properties of drinking water after compromising the network of the water treatment facility for the city of Oldsmar, Florida.

There are cybersecurity procedures that industrial organisations can undertake in order to boost visibility of their own networks and help protect systems from cyber intrusions.

Defence in depth to exercise control

Nework Segmentation & Network Access Control

MFA

Tags:

Leave a Reply

Related Post

Mandiant Report – Nation State Zero Day Exploits in 2022

Mandiant Report – Nation State Zero Day Exploits in 2022

March 22, 2023
Mispadu Banking Trojan

Mispadu Banking Trojan

March 22, 2023

You may have missed

Mandiant Report – Nation State Zero Day Exploits in 2022

Mandiant Report – Nation State Zero Day Exploits in 2022

March 22, 2023
Mispadu Banking Trojan

Mispadu Banking Trojan

March 22, 2023
DotRunpeX – Malware Injector Spreads in Wild

DotRunpeX – Malware Injector Spreads in Wild

March 21, 2023
Killnet Targets Healthcare Azure Resources

Killnet Targets Healthcare Azure Resources

March 21, 2023
NBA suffers a Data Breach – Third Party Provider Data Stolen

NBA suffers a Data Breach – Third Party Provider Data Stolen

March 21, 2023
Ferrari – Cyber Attack Ransom Demanded

Ferrari – Cyber Attack Ransom Demanded

March 21, 2023
%d bloggers like this: