
These new hacking groups are striking industrial, operational tech targets

Three new threat groups targeting the industrial sector have appeared but over half of all attacks are the work of only two known cybercriminal outfits, researchers say. 

Cyberattacks launched against industrial players, providers of critical infrastructure, utilities, and energy companies — whether oil, gas, or renewables — are often less about making a quick buck and more about data theft or causing real-world disruption. 

The ransomware incidents experienced by Colonial Pipeline and JBS called attention to the ramifications of digital attacks on supply chains. 

After Colonial Pipeline temporarily halted delivery services to investigate a cyberattack, fuel panic-buying took place across parts of the United States. JBS, a global meatpacker, paid an $11 million ransom but this was not enough to prevent delays in meat pricing and a drop in cattle slaughter due to market uncertainty. 

Industrial cyberattacks, especially those conducted by advanced persistent threat (APT) groups, can also be political in nature. 

There is brewing tension between Russia and Ukraine, and the former has been accused of responsibility for ongoing cyberattacks, including a distributed denial-of-service (DDoS) assault on government websites. Financial services in the country have also been impacted.

The Kremlin has denied any involvement. Russia has also been accused of a 2015 cyberattack that took down Ukraine’s power grid.

Ukrainian officials have also pointed the finger at Russia for deliberately attempting to sow panic through the disruption — and as we’ve seen with past infrastructure-based attacks on private companies, the general public and its behavior can certainly be affected by such activities. 

In Dragos’ fifth Year In Review report on Industrial Control System (ICS) & Operational Technology (OT) threats, the cybersecurity firm said that three new groups have been discovered “with the assessed motivation of targeting ICS/OT.”

The discovery comes on the heels of last year’s research which detailed the exploits of four other activity groups, dubbed Stibnite, Talonite, Kamacite, and Vanadinite.

Dragos’ new activity groups are called Kostovite, Petrovite and Erythrite.

Kostovite: In 2021, Kostovite targeted a major renewable energy organization. The threat actors used a zero-day vulnerability in the remote access software solution Ivanti Connect Secure to obtain direct access to the firm’s infrastructure, move laterally, and steal data.

Kostovite has targeted facilities in North America and Australia. 

This group has overlaps with UNC2630, a Chinese-speaking cyberattack group, and is associated with 12 malware families.  

Petrovite: Appearing on the scene in 2019, Petrovite has frequently targeted mining and energy businesses in Kazakhstan. This group makes use of the Zebrocy backdoor and conducts general reconnaissance.

Erythrite: Erythrite, active since at least 2020, is a threat group that generally targets organizations in the US and Canada. The target list is broad and includes oil and gas, manufacturers, electricity firms, and one member of the Fortune 500. 

“Erythrite performs highly effective search engine poisoning and deployment of credential-stealing malware,” Dragos says. “Their malware is released as part of a rapid development cycle designed to be evasive to endpoint detection. Erythrite has technical overlaps to another group labeled by multiple IT security organizations as Solarmarker.”

Kostovite and Erythrite have demonstrated the skills to conduct sophisticated intrusions, “with a focus on access operations and data theft over disruption,” according to Dragos.

“[These] adversaries are willing to spend time, effort, and resources targeting, compromising, and harvesting information from ICS/OT environments for future purposes,” Dragos says. 

The new players on the scene join Lockbit 2.0 and Conti, estimated to be responsible for 51% of all ransomware attacks in the manufacturing sector.

Additionally, Dragos researched the general state of industrial security. According to the firm, OT threat triage is “incredibly difficult at scale” as 86% of engagements have an existing lack of network visibility.

Previously undetected external connections, shared credentials, and improper network segmentation were common OT security issues, and more than twice as many industry-related CVEs were published in 2021 as in 2020.

Dragos says that over a third of CVE advisories also contain inaccurate data and errors when it comes to ICS/OT, making the challenge of patching emerging vulnerabilities correctly more difficult. In addition, 65% of advisories for public vulnerabilities had a patch available, but no alternative means of mitigation. 
