Community Edition
Total Tests:
This Week:
Today:
Cyber Law Blog
Phobos Ransomware Admin Extradited From South Korea
November 21, 2024
Dark Web Crypto Mixer Founder Sentenced to Over 12 Years for Money Laundering
November 14, 2024
Global Сybercrime Сrackdown Takes Down Over 22K Malicious IPs And Servers
November 7, 2024
REvil Gang Members Sentenced
October 31, 2024
US Cop Indicted Over Buying Stolen Data
October 24, 2024
Stay in Touch

Get exclusive updates and invitations to our events and webinars:


Your data will stay confidential Private and Confidential

ImmuniWebInternational Media Coverage

Denmark Weathered Wave of Cyber Attacks on Energy Infrastructure in May, Industry Non-profit Reveals

By Scott Ikeda for CPO Magazine
Tuesday, November 21, 2023

The breaches followed on from vulnerabilities disclosed in April, primarily CVE-2023-28771. However, the energy infrastructure devices were not visible to the scanning tools (such as Shodan) that hackers usually make use of in the wake of public vulnerability disclosures. That, along with certain tools and zero-days used in the attacks, leads SektorCERT to believe that advanced persistent threat groups backed by nation-states were responsible. The report specifically names Russia’s Sandworm group, a highly advanced team known to be a direct part of the GRU, as one of the suspects. “Multiple” groups were reportedly involved, however, and some were not as successful as others.

Dr. Ilia Kolochenko, Founder of ImmuniWeb, notes that being a suspect is not the same as a confirmation: “Attribution of attacks targeting critical infrastructure remains a highly complex, multifaceted and uncertain task. Sophisticated threat actors may purposely frame each other, as well as known hacking groups, hacktivists or even some notorious nation states. At the same time, the abundance of vulnerable devices and servers with publicly known and exploitable-in-default-configuration vulnerabilities greatly facilitate such attacks. Worse, countless bots may automatically exploit some simple vulnerabilities, creating a lot of noise in logs and making investigation a time-consuming task. Moreover, some devices have limited storage capabilities and older logs are simply unavailable. With the upcoming implementation of NIS 2 directive, the situation shall become slightly better but European governments will be required to allocate significantly more money to the protection of national infrastructure from cyber attacks.” Read Full Article


Previous Media Publications:

CPO Magazine: Ransomware Group Trolls Victim With SEC Complaint After Data Breach

American Banker: Hacker chutzpah: Ransomware group says it reported victim to SEC

This website uses cookies to provide you with a better surfing experience. To learn more, please visit our Privacy Policy. By continuing to use this website you consent to our use of cookies.

Book a Call Ask a Question
Close
Talk to ImmuniWeb Experts
ImmuniWeb AI Platform
Have a Technical Question?

Our security experts will answer within
one business day. No obligations.

Have a Sales Question?
Email:
Tel: +41 22 560 6800 (Switzerland)
Tel: +1 720 605 9147 (USA)
*
*
*
*
Your data will stay private and confidential