Russia's Sandworm Group Tried to Take Down Ukrainian Energy Facilities Last Week
CISA orders patches for WatchGuard Firebox and XTM firewall appliances, Panasonic confirms second cyber attack, Five serious bugs patched in healthcare robots, Google sues puppy-buying scammer, much more
Check out my latest CSO column on NIST’s efforts to develop a risk management framework for artificial intelligence.
The Ukrainian Government Computer Emergency Response Team (CERT-UA) said the Russian state-based threat group Sandworm (UAC-0082) tried to take down Ukrainian energy facilities using Industroyer2 and CaddyWiper malware.
The attack was discovered in collaboration with researchers at ESET. ESET assesses with high confidence that the attackers used a new version of the Industroyer malware, which was used in 2016 to cut power in Ukraine.
The attackers intended to disable several infrastructure elements of the target, including electrical substations (using the Industroyer2 malware), computers running the Windows operating system, server hardware running the Linux operating system (using malicious destructor scripts), and active network equipment.
The victim organization experienced two waves of attacks. The initial compromise occurred no later than February 2022. On April 8,…