Russia-Aligned ELECTRUM Tied to December 2025 Cyber Attack on Polish Power Grid

The "coordinated" cyber attack targeting multiple sites across the Polish power grid has been attributed with medium confidence to a Russian state-sponsored hacking crew known as ELECTRUM. Operational technology OT cybersecurity company Dragos, in a new intelligence brief published Tuesday,...

Load-Altering Attacks against Power Grids: a Case Study Using the GB-36 Bus System Open Dataset

The growing digitalization and the rapid adoption of high-powered Internet-of-Things IoT-enabled devices e.g., EV charging stations have increased the vulnerability of power grids to cyber threats. In particular, the so-called Load Altering Attacks LAAs can trigger rapid frequency fluctuations an...

SimProcess: High Fidelity Simulation of Noisy ICS Physical Processes

Industrial Control Systems ICS manage critical infrastructures like power grids and water treatment plants. Cyberattacks on ICSs can disrupt operations, causing severe economic, environmental, and safety issues. For example, undetected pollution in a water plant can put the lives of thousands at...

Russia Attacked Ukraine's Power Grid at Least 66 Times to ‘Freeze It Into Submission’

Several of the strikes occurred far from the front lines of the conflict, indicating possible war crimes. Researchers say the attacks likely had devastating impacts on civilians...

Beers with Talos episode 141: The TurkeyLurkey Man wants YOU to read Talos' Year in Review report

In this episode the Beers with Talos team, led by special guest Dave Liebenberg, set out to save Thanksgiving. The TurkeyLurkey man is the hero that everybody needs, but perhaps dont deserve. For fans and opposers of Daves Ranksgiving list, youll be pleased to know hes back with a whole new order...

Sandworm Hackers Caused Another Blackout in Ukraine—During a Missile Strike

Russia's most notorious military hackers successfully sabotaged Ukraine's power grid for the third time last year. And in this case, the blackout coincided with a physical attack...

China-Linked Hackers Breached a Power Grid—Again

Signs suggest the culprits worked within a notorious Chinese hacker group that may have also hacked Indian electric utilities years earlier...

EV Charger Hacking Poses a ‘Catastrophic’ Risk

Vulnerabilities in electric vehicle charging stations and a lack of broad standards threaten drivers—and the power grid...

New COSMICENERGY Malware Exploits ICS Protocol to Sabotage Power Grids

A new strain of malicious software that's engineered to penetrate and disrupt critical systems in industrial environments has been unearthed. Google-owned threat intelligence firm Mandiant dubbed the malware COSMICENERGY , adding it was uploaded to the VirusTotal public malware scanning utility i...

Supply Chain Attacks and Critical Infrastructure: How CISA Helps Secure a Nation's Crown Jewels

Critical infrastructure attacks are a preferred target for cyber criminals. Here's why and what's being done to protect them. What is Critical Infrastructure and Why is It Attacked? Critical infrastructure is the physical and digital assets, systems and networks that are vital to national securit...

Batteries Are Ukraine’s Secret Weapon Against Russia

With Russia regularly knocking out Ukraine’s power grid, the country has turned to high-capacity batteries to keep it connected to the world—and itself...

What Will It Take?

What will it take for policy makers to take cybersecurity seriously? Not minimal-change seriously. Not here-and-there seriously. But really seriously. What will it take for policy makers to take cybersecurity seriously enough to enact substantive legislative changes that would address the problem...

Hackers Exploiting Abandoned Boa Web Servers to Target Critical Industries

Microsoft on Tuesday disclosed the intrusion activity aimed at Indian power grid entities earlier this year likely involved the exploitation of security flaws in a now-discontinued web server called Boa. The tech behemoth's cybersecurity division said the vulnerable component poses a "supply chai...

Indian Energy Company Tata Power's IT Infrastructure Hit By Cyber Attack

Tata Power Company Limited, India's largest integrated power company, on Friday confirmed it was targeted by a cyberattack. The intrusion on IT infrastructure impacted "some of its IT systems," the company said in a filing with the National Stock Exchange NSE of India. It further said it has take...

Siemens EN100 Ethernet Module

1. EXECUTIVE SUMMARY CVSS v3 8.6 ATTENTION: Exploitable remotely/low attack complexity Vendor: Siemens Equipment: EN100 Ethernet Module Vulnerability: Improper Restriction of Operations within the Bounds of a Memory Buffer. 2. RISK EVALUATION Successful exploitation of this vulnerability could...

Russian Hackers Tried Attacking Ukraine's Power Grid with Industroyer2 Malware

The Computer Emergency Response Team of Ukraine CERT-UA on Tuesday disclosed that it thwarted a cyberattack by Sandworm, a hacking group affiliated with Russia's military intelligence, to sabotage the operations of an unnamed energy provider in the country. "The attackers attempted to take down...

Chinese Hacker Groups Continue to Target Indian Power Grid Assets

China-linked adversaries have been attributed to an ongoing onslaught against Indian power grid organizations, one year after a concerted campaign targeting critical infrastructure in the country came to light. Most of the intrusions involved a modular backdoor named ShadowPad, according to...

Russia Sanctions May Spark Escalating Cyber Conflict

President Biden joined European leaders this week in enacting economic sanctions against Russia in response to its invasion of Ukraine. The West has promised tougher sanctions are coming, but experts warn these will almost certainly trigger a Russian retaliation against America and its allies,...

A Drone Tried to Disrupt the Power Grid. It Won't Be the Last

An attack attempt in 2020 proves the UAS threat is real—and not enough is being done to stop it...

Smart car chargers. Plug-n-play for hackers?

Over the last 18 months, we’ve been investigating the security of smart electric vehicle chargers. These allow the owner to remotely monitor and manage the charge state, speed and timing of their car charger, among many functions. We bought 6 different brands of chargers and also reviewed securit...