6 matches found
U.S. Charges 6 Russian Intelligence Officers Over Destructive Cyberattacks
The US government on Monday formally charged six Russian intelligence officers for carrying out destructive malware attacks with an aim to disrupt and destabilize other nations and cause monetary losses. The individuals, who work for Unit 74455 of the Russian Main Intelligence Directorate GRU, ha...
NotPetya Linked to Industroyer Attack on Ukraine Energy Grid
The massive NotPetya ransomware outbreak that crippled organizations around the world last year turns out to have links to the Industroyer backdoor, which targets industrial control systems ICS and took down the Ukrainian power grid in Kiev in 2016. In fact, the same threat actor – dubbed TeleBot...
The Aurora Power Grid Vulnerability and the BlackEnergy Trojan
At recent Industrial IoT security briefings, the Aurora vulnerability has come up repeatedly. Attendees ask, “Is our country’s power grid safe? How can we protect the grid? What is Aurora?” This post provides a look at Aurora, and the BlackEnergy attack that can exploit Aurora. In March 2007, the...
From BlackEnergy to ExPetr
Much has been written about the recent ExPetr/NotPetya/Nyetya/Petya outbreak - you can read our findings here:Schroedinger's Petya and ExPetr is a wiper, not ransomware. As in the case of Wannacry, attribution is very difficult and finding links with previously known malware is challenging. In th...
KillDisk Ransomware Targets Linux; Demands $250,000 Ransom, But Won't Decrypt Files
What you'll do if Ransomware infects you? Should you pay or not to recover your files? Believe me, the FBI advises - Pay off the criminals to get your files back if you don't have a backup. But paying off a ransom to cyber criminals is definitely not a wise option because there is no guarantee...
Hackers Cause World's First Power Outage with Malware
SCADA system has always been an interesting target for cyber crooks, given the success of Stuxnet malware that was developed by the US and Israeli together to sabotage the Iranian nuclear facilities a few years ago, and "Havex" that previously targeted organizations in the energy sector. Now once...