Critical infrastructure is a privileged target for almost any kind of threat actor, the ongoing Russia-Ukraine cyber conflict is posing them at risk.
Ongoing attacks could cause severe damages to multiple sectors, including transportation, communication, financial services, government facilities, nuclear reactors, and critical manufacturing.
“Recently attacks on Information technology (IT) networks connected to Operational Technology (OT) components and the devices responsible for controlling plant operations are being attacked by largescale cyber-attacks amid the Russian-Ukraine crisis.” reported researchers from Cyble. “State-sponsored attackers, Advanced Persistence Threat (APT) groups and numerous hackers’ communities have been actively targeting the critical infrastructure of their enemy country. This sudden surge in attacks is due to the geopolitical events of the current Russian – Ukraine conflict.”
Researchers collected information about the attacks on critical infrastructure amid the Russia-Ukraine cyber conflict from Computer Emergency Response Teams (CERT) all around the globe and public announcements of attacks made by threat actors.
Below is the timeline of recent cyber incidents on critical infrastructure:
On February 25, 2022, a group that uses the Twitter handle @LiteMods reported a DDOS attack on Russian energy giant Gazprom.
A telegram channel operated by a threat actor called “Against the West” claimed that they had breached Gazprom and on March 5, 2022, released the data allegedly stolen from Gazprom.On February 27, 2022, the hacker group Cyber Partisans hit the breached the Belarusian Railway’s data-processing network, , the group claims to have blocked all services and will deactivate them until Russian troops will leave the territory of Belarus.
On March 1st, 2022, a hacktivist group using the Twitter handle @GS_M4F14 claimed to have breached the Nuclotron-based Ion Collider facility (NICA).
The same group also claimed to have stolen “SQLI dump, SMB leaks, FTP server dump, Private GitLab’s of JINR and Department of Russia.”
On March 6, the Twitter handle @JoanneHuggins6 reported to have hacked Russia SCADA systems and stopped them, the day after they also claimed to have hacked the water supply systems of Russia.
“Cyber-attacks on critical infrastructure can result in loss of life, monetary and economic issues, or reputational damage. Moreover, they can spark significant events within the country that can impact the economy overall.” concludes the report. “Researchers at Cyble believe that the frequency of incidents concerning critical sectors will rise in the coming months. The amount of information available in the public domain concerning the techniques used in exploiting the critical infrastructure at this current time will allow numerous attacks by malicious hackers on countries due to geopolitical issues.”
Follow me on Twitter: @securityaffairs and Facebook
[adrotate banner=”9″] | [adrotate banner=”12″] |
(SecurityAffairs – hacking, APT31)
[adrotate banner=”5″]
[adrotate banner=”13″]
As cryptocurrencies have grown in popularity, there has also been growing concern about cybercrime involvement…
Healthcare service provider Kaiser Permanente disclosed a security breach that may impact 13.4 million individuals…
Over 1,400 CrushFTP internet-facing servers are vulnerable to attacks exploiting recently disclosed CVE-2024-4040 vulnerability. Over…
A ransomware attack on a Swedish logistics company Skanlog severely impacted the country's liquor supply. …
CISA adds Cisco ASA and FTD and CrushFTP VFS vulnerabilities to its Known Exploited Vulnerabilities…
U.S. CISA added the Windows Print Spooler flaw CVE-2022-38028 to its Known Exploited Vulnerabilities catalog.…
This website uses cookies.