The hackers responsible for breaching the systems of multiple U.S. energy operators since May 2017 employed a phishing scheme that used malicious attachments to download a template file via an SMB connection, in order to silently harvest credentials, according to a blog post from Cisco Talos.
Since May, foreign hackers have breached computer networks at 12 or more U.S. power plants, including nuclear facilities, prompting the FBI and DHS to issue an urgent amber warning to utility companies, according to reports.
Kaspersky further reported that 60 percent of NotPetya infections took place in Ukraine, while Russia experienced just over 30 percent.
The Lithuanian, Latvian and Estonian power grids have all been targeted by Russia, undergoing a series of limited Distributed Denial of Service (DDoS) attacks over the last few years that may be probing for weaknesses.
Approximately 3,000 unique industrial sites per year are randomly infected with generic malware, while attacks involving malware specifically designed to target industrial control systems are far less common, according to a study.
It's estimated that power companies in Russia suffered more than 350 serious cyber-attacks in 2016, a 50 percent increase on the previous year.
Researchers may have found a tenuous link between a cyberespionage organization's credentials-stealing trojan and the Shamoon hacking group that's been targeting Saudi energy companies with Disttrack disk-wiping malware.
Secretary of Homeland Security Jeh Johnson on Friday officially declared the U.S. electoral system as critical infrastructure.
The KillDisk disk-wiper program that was used in conjunction with BlackEnergy malware to attack Ukrainian energy utilities now includes a ransomware component, according to researchers at CyberX.
A network breach risk assessment of over 20 organizations found that 100 percent showed signs of traffic tunneling, DNS-related exfiltration and malformed protocols in outbound traffic - all indicators of attackers using evasion and exfiltration techniques.
Professional hackers infiltrated the systems of Germany-based industrial conglomerate ThyssenKrupp earlier this year, stealing intellectual property, research and secrets.
One of the best ways to test incident readiness is a tabletop exercise, a mock incident administered for senior leadership, IT, security, legal, corporate communications and business line readiness.
The BlackNurse DoS attack uses ICMP messages to clog up firewalls with traffic.
Officials with the Lansing Board of Water & Light publicly acknowledged on Tuesday that the utility paid $25,000 to regain control of its accounting and email systems in the days following an April 25 ransomware attack.
The DDoS attacks that shuttered the Dyn DNS service on Oct. 21 set a precedent that could disrupt the presidential election next week, according to a report from Imperva Incapsula.
The International Atomic Energy Agency's (IAEA) director, Yukiya Amano, said there was a successful cyberattack on a nuclear power plant two to three years ago.
Eugene Kaspersky, CEO of Kaspersky Lab, speaks at IP EXPO Europe 2016 and explains why he believes cyber-attackers are now turning their attention to critical national infrastructure.
ISC released an update Tuesday for a high-severity security flaw affecting open source software that implements DNS protocols.
Nearly three-quarters of businesses have end-of-support devices operating in their networks, and the consequences could prove dire, a new study found.
An association of state officials has published an open letter that seeks to strengthen public confidence in the electoral process, in light of research that has raised questions about the security of voting machines.
While it might not include the Death Star, cyber warfare among the stars is almost inevitable.
The security threat from the Internet of Things (IoT) has grown real because far too many of those sneaky IoT devices fly in under the radar. Corporate maintenance, facilities and operations departments are not accustomed to requesting IT's signoff on purchasing light bulbs or door locks. And yet, when those devices have their own independent - or dependent - communications capabilities, they are an easy backdoor for cyberthieves.
A Tripwire survey found IT staffers in the energy sector frequently don't have the data needed to see if their assumptions about how their security apparatus functions are correct.
Hinkley Point C nuclear power station to go ahead with Chinese involvement despite previous concerns
Despite concerns over security from both the Prime Minister and one of her chiefs of staff, Hinkley Point C nuclear power station has been given a green light today for construction with backing from China.