Europe Confirms Record €4.1B Penalty Against Google for Android Practices|U.S. CISA adds a Microsoft SharePoint Server flaw to its Known Exploited Vulnerabilities catalog|430,000 FortiGate Devices Exposed in FortiBleed Ransomware Link|Adobe fixed multiple maximum-severity flaws in ColdFusion and Campaign Classic|Alleged Scattered Spider Hacker Extradited to U.S. to Face Cybercrime Charges|Oracle E-Business Suite Flaw Under Active Attack, 950 Systems Exposed|Azure CLI Targeted in LSHIY Password Spray Campaign Across 64 Orgs|CISA Warns BlueHammer Flaw Is Now Exploited in Ransomware Attacks|RustDuck: The Botnet That’s Still Small but Engineering Like It Plans to Grow|GuardFall Flaw Hits 10 of 11 Popular Open-Source AI Agents|XSS.is, The Forum That Ran the Ransomware Supply Chain Is Down. The Market Isn’t|U.S. CISA adds SimpleHelp flaw to its Known Exploited Vulnerabilities catalog|Europe Confirms Record €4.1B Penalty Against Google for Android Practices|U.S. CISA adds a Microsoft SharePoint Server flaw to its Known Exploited Vulnerabilities catalog|430,000 FortiGate Devices Exposed in FortiBleed Ransomware Link|Adobe fixed multiple maximum-severity flaws in ColdFusion and Campaign Classic|Alleged Scattered Spider Hacker Extradited to U.S. to Face Cybercrime Charges|Oracle E-Business Suite Flaw Under Active Attack, 950 Systems Exposed|Azure CLI Targeted in LSHIY Password Spray Campaign Across 64 Orgs|CISA Warns BlueHammer Flaw Is Now Exploited in Ransomware Attacks|RustDuck: The Botnet That’s Still Small but Engineering Like It Plans to Grow|GuardFall Flaw Hits 10 of 11 Popular Open-Source AI Agents|XSS.is, The Forum That Ran the Ransomware Supply Chain Is Down. The Market Isn’t|U.S. CISA adds SimpleHelp flaw to its Known Exploited Vulnerabilities catalog|
Advertisement

Ad Placeholder

Full Width × 90

Breaking News

Russia-Ukraine cyber conflict poses critical infrastructure at risk

While the Russia-Ukraine cyber conflict goes on, nation-state actors, crooks, and hacktivists continue to pose critical infrastructure at risk. Critical infrastructure is a privileged target for almost any kind of threat actor, the ongoing Russia-Ukraine cyber conflict is posing them at risk. Ongoing attacks could cause severe damages to multiple sectors, including transportation, communication, financial […]

Ukraine CERT-UA backdoor SSU PathWiper wiper

While the Russia-Ukraine cyber conflict goes on, nation-state actors, crooks, and hacktivists continue to pose critical infrastructure at risk.

Critical infrastructure is a privileged target for almost any kind of threat actor, the ongoing Russia-Ukraine cyber conflict is posing them at risk.

Ongoing attacks could cause severe damages to multiple sectors, including transportation, communication, financial services, government facilities, nuclear reactors, and critical manufacturing.

“Recently attacks on Information technology (IT) networks connected to Operational Technology (OT) components and the devices responsible for controlling plant operations are being attacked by largescale cyber-attacks amid the Russian-Ukraine crisis.” reported researchers from Cyble. “State-sponsored attackers, Advanced Persistence Threat (APT) groups and numerous hackers’ communities have been actively targeting the critical infrastructure of their enemy country. This sudden surge in attacks is due to the geopolitical events of the current Russian – Ukraine conflict.”

Researchers collected information about the attacks on critical infrastructure amid the Russia-Ukraine cyber conflict from Computer Emergency Response Teams (CERT) all around the globe and public announcements of attacks made by threat actors.

Below is the timeline of recent cyber incidents on critical infrastructure:

critical infrastructure attacks

On February 25, 2022, a group that uses the Twitter handle @LiteMods reported a DDOS attack on Russian energy giant Gazprom.

https://twitter.com/LiteMods/status/1497218871274651684

A telegram channel operated by a threat actor called “Against the West” claimed that they had breached Gazprom and on March 5, 2022, released the data allegedly stolen from Gazprom.On February 27, 2022, the hacker group Cyber Partisans hit the breached the Belarusian Railway’s data-processing network, , the group claims to have blocked all services and will deactivate them until Russian troops will leave the territory of Belarus.


On March 1st, 2022, a hacktivist group using the Twitter handle @GS_M4F14 claimed to have breached the Nuclotron-based Ion Collider facility (NICA). 

The same group also claimed to have stolen “SQLI dump, SMB leaks, FTP server dump, Private GitLab’s of JINR and Department of Russia.”

https://twitter.com/Ksecureteamlab/status/1498696774193758215

On March 6, the Twitter handle @JoanneHuggins6 reported to have hacked Russia SCADA systems and stopped them, the day after they also claimed to have hacked the water supply systems of Russia.

“Cyber-attacks on critical infrastructure can result in loss of life, monetary and economic issues, or reputational damage. Moreover, they can spark significant events within the country that can impact the economy overall.” concludes the report. “Researchers at Cyble believe that the frequency of incidents concerning critical sectors will rise in the coming months. The amount of information available in the public domain concerning the techniques used in exploiting the critical infrastructure at this current time will allow numerous attacks by malicious hackers on countries due to geopolitical issues.”

Follow me on Twitter: @securityaffairs and Facebook

[adrotate banner=”9″][adrotate banner=”12″]

Pierluigi Paganini

(SecurityAffairs – hacking, APT31)

[adrotate banner=”5″]

[adrotate banner=”13″]