Total Tests:
Stay in Touch

Get exclusive updates and invitations to our events and webinars:


Your data will stay confidential Private and Confidential

Denmark Weathered Wave of Cyber Attacks on Energy Infrastructure in May, Industry Non-profit Reveals

By Scott Ikeda for CPO Magazine
Tuesday, November 21, 2023

The breaches followed on from vulnerabilities disclosed in April, primarily CVE-2023-28771. However, the energy infrastructure devices were not visible to the scanning tools (such as Shodan) that hackers usually make use of in the wake of public vulnerability disclosures. That, along with certain tools and zero-days used in the attacks, leads SektorCERT to believe that advanced persistent threat groups backed by nation-states were responsible. The report specifically names Russia’s Sandworm group, a highly advanced team known to be a direct part of the GRU, as one of the suspects. “Multiple” groups were reportedly involved, however, and some were not as successful as others.

Dr. Ilia Kolochenko, Founder of ImmuniWeb, notes that being a suspect is not the same as a confirmation: “Attribution of attacks targeting critical infrastructure remains a highly complex, multifaceted and uncertain task. Sophisticated threat actors may purposely frame each other, as well as known hacking groups, hacktivists or even some notorious nation states. At the same time, the abundance of vulnerable devices and servers with publicly known and exploitable-in-default-configuration vulnerabilities greatly facilitate such attacks. Worse, countless bots may automatically exploit some simple vulnerabilities, creating a lot of noise in logs and making investigation a time-consuming task. Moreover, some devices have limited storage capabilities and older logs are simply unavailable. With the upcoming implementation of NIS 2 directive, the situation shall become slightly better but European governments will be required to allocate significantly more money to the protection of national infrastructure from cyber attacks.” Read Full Article


Book a Call Ask a Question
Close
Talk to ImmuniWeb Experts
ImmuniWeb AI Platform
Have a Technical Question?

Our security experts will answer within
one business day. No obligations.

Have a Sales Question?
Email:
Tel: +41 22 560 6800 (Switzerland)
Tel: +1 720 605 9147 (USA)
*
*
*
*
Your data will stay private and confidential