electric grid (16)

Activity Summary - Week Ending on 29 July 2022:

  • Red Sky Alliance identified 25,992 connections from new IPs checking in with our Sinkholes
  • Hetzner 10x
  • Analysts identified 309 new IP addresses participating in various Botnets
  • Ransomware Update
  • Adversary-in-the-Middle - AiTM
  • South Africa under Attack
  • Mercenary Spyware
  • T-Mobile
  • US Electric Grid
  • Kherson Ukraine

Link to full report: IR-22-210-002_weekly210.pdf

In the past five (5) years there has been a wide-ranging espionage operation in which more than 150 companies were targeted for hacking in Germany alone, especially critical infrastructure companies.  Specifically, the hackers sought out electricity and water supply systems.  After years of investigation, Germany’s State Criminal Police Office of Baden-Württemberg succeeded in identifying one of the suspected perpetrators: Pawel A.

This state backed hacker is said to belong t

The Infrastructure Investment and Jobs Act,[1] as passed by the US Congress in November 2021, authorizes $7.5 billion to help meet US President Joe Biden's goal of installing 500,000 electric vehicle charging stations by 2030.  Biden aims to have EVs represent half of all new vehicles being sold in the US by 2030.  But as the number of stations increases, the number of vulnerabilities does as well.

For the past several years, hackers have been busy targeting their cyber-attacks at electrical sys

There is serious legal reasoning that cyber-attacks against a nation’s critical infrastructure could be considered a war crime.[1]  The University of California (UC), Berkeley Human Rights Center’s recent recommendations for war crime charges against the Sandworm hacking group, which were sent to the International Crimes Commission (ICC) before some of the most recent cyberattacks fully came to light, single out Sandworm’s two blackout attacks in 2015 and 2016 for legal and practical reasons: Sa

White hat hackers recently won $40,000 for cracking a system used by most major industrial companies, including the ones that manage our power grids, and they told MIT Technology Review it was extremely easy.  The challenge was to hack industrial control systems, specifically the hardware and software used to control power grids, water treatment facilities, and other critical infrastructure.

Because so many people rely on this infrastructure, hackers can ask for and receive large ransoms in exc

Activity Summary - Week Ending on 14 January 2022:

  • Red Sky Alliance identified 24,345 connections from new IPs checking in with our Sinkholes
  • Microsoft IPs in UK and N. Ireland hit
  • Analysts identified 1,435 new IP addresses participating in various Botnets
  • Rook Ransomware
  • More Log4j
  • Ukraine Cyber Bust
  • UK NHS
  • Who’s Winning?
  • Google Docs
  • The Electric Grid’s Hot Wires
  • BLM suing LAPD

Link to full report: IR-22-014-001_weekly014.pdf

The US and the UK have ‘quietly’ sent cyber warfare experts to Ukraine to help sabotage any cyber warfare threats like that in the 2015 Ukraine power grid hack, when Russian hackers remotely took over a power company’s control center.  It was the first publicly and internationally acknowledged attack using digital weaponry against the Ukrainian power grid, causing power outages across the country.  In the hopes of protecting Ukraine, as the US and allies speculate the next move of Russia, bot

With the ability to largely secure critical infrastructure from ground-level attacks and a current strong focus on cybersecurity, a potential new attack vector from the air is being presented by the wide availability of citizen drones.

Originally reported through Popular Mechanics[1] who obtained reports in a 28 October 2021 US government bulletin, media describes a crashed drone found on the roof of a building next to a Pennsylvania substation in July 2020.  Experts believe the drone was like

"They went after our gas and they went after our hot dogs.  No one is out of bounds here. Everyone is in play here," warned Christopher Krebs, former director of cybersecurity at Department of Homeland Security.  From natural phenomena to cyberattacks like the massive SolarWinds operation and recent attack on the Colonial Gas Pipeline, security experts warn it is clear that most businesses and key infrastructure like power grids across this country are pitifully unprepared to meet such threats.

Critical infrastructure in any country relies on energy sources and transmission for proper and safe national operations.  A direct cyber shot was delivered to the US oil and gas industry, allegedly by a Russian criminal group known as DarkSide.  DarkSide is suspected in the ransomware attack that shut down the US Georgia-based Colonial Pipeline, which immediately created fuel shortages for cars, trucks and the airline industry.

This pipeline attack now has other energy sector officials on edge

The current US administration is introducing a 100-day plan to improve cybersecurity and address cyber threats across the nation's electrical grid.  Officials state the program is part of a broader cybersecurity plan designed to address issues across the nation's critical infrastructure.

The 100-day initiative will involve government agencies that are responsible for the security of critical infrastructure as well as businesses and private utilities that oversee or own infrastructure, such as el

US lawmakers and security experts have expressed disappointment that US President Joe Biden’s $2.25 trillion infrastructure plan does not include funding to protect vital facilities against the growing threat of cyberattacks.  This infrastructure package failed to provide money to defend critical systems, such as the US power grid, against hackers, according to media sources last week.  “Any critical infrastructure modernization must take cybersecurity into account from the start,” said the OT d

Activity Summary - Week Ending 19 February 2021:

  • VW Jetta Headlights VACAR-CN
  • Cheyenne Cloud Shards & C2 Compromise
  • Red Sky Alliance identified 37,941 connections from new unique IP addresses
  • Analysts identified 2,217 new IP addresses participating in various Botnets
  • Bazar/Team9 and MS
  • TX Wind Power Turbines Freeze
  • France and the Sandworm Group
  • Norway Oil Workers’ Strike Averted
  • Major Oil find offshore in South Africa, Looks to Govt for Approval

Link to full article:  IR-21-050-001_Energy_050F

The incoming US government and other countries are looking seriously at renewable energy sources, and so are hackers, who are no fools and are researching ways to compromise the future of energy.  The ‘rush’ to renewable energy technology may open multiple cybersecurity threats and vulnerabilities if caution about cyber security is not applied to these energy source developments.

Quick developing solar and wind technologies present new risks to power grid security, especially as sma

The electric grid is vital to any country’s national security, hence the high importance of keeping the electricity flowing.  Even an outage of only a few minutes can wreak havoc on any residence or business.  Cyber attackers responsible for distributing LookBack malware are targeting US utility providers with a new threat called “FlowCloud.”  The FlowCloud modular remote-access trojan (RAT) has similarities and connections to the LookBack malware.  The LookBack at its core is a remote

A US federal executive order was issued on 1 May 2020 which proposes to “monitor and replace” any US power grid equipment made by its foreign adversaries.  Security professionals said it would mainly affect Chinese-made products like electrical transformers.  The US Department of Energy (DOE) stated that under the current US procurement rules, contracts are awarded to the lowest bidder when it comes to bulk power system procurement.  That creates a "vulnerability that can be exploited by those with ma