🔌 Russia’s Sandworm Linked to Unprecedented Danish Energy Hack 🔌

A new report reveals that a notorious Russian hacker group, known as Sandworm, was behind a cyberattack that targeted Denmark’s largest energy company, Ørsted, in November 2022. The attack, which lasted for several hours, disrupted the company’s power distribution and wind farm operations, affecting more than a million customers across the country.

The report, published by the Danish cybersecurity firm CSIS, says that the hackers used a sophisticated malware called BlackEnergy, which has been linked to previous attacks on Ukraine’s power grid in 2015 and 2016. The malware was designed to infiltrate the industrial control systems (ICS) that manage the energy infrastructure, and cause physical damage or sabotage.

The report also says that the hackers exploited a vulnerability in a software component called OPC, which is widely used in ICS environments to communicate between different devices and systems. The vulnerability, which was disclosed in October 2022, allowed the hackers to execute arbitrary code on the OPC servers and gain access to the ICS network.

The attack on Ørsted is considered to be the first known case of BlackEnergy being used against a Western energy company, and the largest ICS-related cyberattack in Europe. The report warns that the attack could be a sign of a broader campaign by Sandworm, which is believed to be affiliated with the Russian military intelligence agency GRU, to target critical infrastructure in the West. Sandworm is also responsible for other high-profile cyberattacks, such as the NotPetya ransomware outbreak in 2017, the SolarWinds supply chain compromise in 2020, and the attempted blackout in Ukraine in 2021.

The report urges energy companies and other ICS operators to patch their systems, monitor their networks, and implement security best practices to prevent similar attacks in the future.
🛡️ https://lnkd.in/gbpRvydP #industrialcybersecurity #IIoT #IndustrialIoT #SCADA #OTsecurity #NERC #scadahacking #cybersecurity #infosec #hacking #malware #ransomware #vulnerabilities