Community Edition
Total Tests:
This Week:
Today:
Recent Blog Posts
Hacker Gets Home Confinement For Sabotaging US Water Treatment Facility
May 16, 2024
LockBit Boss Identified, Charged And Sanctioned By The US And Partners
May 9, 2024
REvil Ransomware Operator Behind The Kaseya Supply Chain Hack Sentenced To 13 Years In Prison
May 2, 2024
Four Iranian Hackers Charged With Cyberattacks On American Firms
April 25, 2024
An Ex-Amazon Security Engineer Gets 3 Years In Jail For Hacking And Crypto Theft
April 18, 2024
Stay in Touch

Get exclusive updates and invitations to our events and webinars:


Your data will stay confidential Private and Confidential

ImmuniWebInternational Media Coverage

Denmark Weathered Wave of Cyber Attacks on Energy Infrastructure in May, Industry Non-profit Reveals

By Scott Ikeda for CPO Magazine
Tuesday, November 21, 2023

The breaches followed on from vulnerabilities disclosed in April, primarily CVE-2023-28771. However, the energy infrastructure devices were not visible to the scanning tools (such as Shodan) that hackers usually make use of in the wake of public vulnerability disclosures. That, along with certain tools and zero-days used in the attacks, leads SektorCERT to believe that advanced persistent threat groups backed by nation-states were responsible. The report specifically names Russia’s Sandworm group, a highly advanced team known to be a direct part of the GRU, as one of the suspects. “Multiple” groups were reportedly involved, however, and some were not as successful as others.

Dr. Ilia Kolochenko, Founder of ImmuniWeb, notes that being a suspect is not the same as a confirmation: “Attribution of attacks targeting critical infrastructure remains a highly complex, multifaceted and uncertain task. Sophisticated threat actors may purposely frame each other, as well as known hacking groups, hacktivists or even some notorious nation states. At the same time, the abundance of vulnerable devices and servers with publicly known and exploitable-in-default-configuration vulnerabilities greatly facilitate such attacks. Worse, countless bots may automatically exploit some simple vulnerabilities, creating a lot of noise in logs and making investigation a time-consuming task. Moreover, some devices have limited storage capabilities and older logs are simply unavailable. With the upcoming implementation of NIS 2 directive, the situation shall become slightly better but European governments will be required to allocate significantly more money to the protection of national infrastructure from cyber attacks.” Read Full Article


Previous Media Publications:

CPO Magazine: Ransomware Group Trolls Victim With SEC Complaint After Data Breach

American Banker: Hacker chutzpah: Ransomware group says it reported victim to SEC

This website uses cookies to provide you with a better surfing experience. To learn more, please visit our Privacy Policy. By continuing to use this website you consent to our use of cookies.

Book a Call Ask a Question
Close
Talk to ImmuniWeb Experts
ImmuniWeb AI Platform
Have a technical question?

Our security experts will answer within
one business day. No obligations.

Have a sales question?
Email:
Tel: +41 22 560 6800 (Switzerland)
Tel: +1 720 605 9147 (USA)
*
*
*
*
Your data will stay private and confidential