There is serious legal reasoning that cyber-attacks against a nation’s critical infrastructure could be reasoned as a war crime.[1] The University of California (UC), Berkeley Human Rights Center’s recent recommendations for war crime charges against the Sandworm hacking group, which was sent to the International Crimes Commission (ICC) before some of the most recent cyberattacks fully came to light, single out Sandworm’s two blackout attacks in 2015 and 2016 for legal and practical reasons: Sa
sandworm (6)
Those readers who were born before the Internet Age may remember seeing the Wanted Posters of criminals on the walls of US Post Offices. There were stated cash rewards for those who provided information that led to the wanted criminal’s arrest. Yes, you actually went into a federal building and mailed a letter with a postage stamp attached. What is a postage stamp? We will cover this subject in another article. The US authorities are offering a multimillion-dollar reward for anyone with info
The Sandworm Group, a Russian based APT, which recently made headlines after their botnet of machines infected with Cyclops Blink malware, was taken down by the US Department of Justice, has been busy crafting attacks targeting the Ukrainian power grid. The Computer Emergency Response Team of Ukraine (CERT-UA), had to step in and take action to thwart the attack on the country’s energy facilities. Blame for the attack has been placed on Sandworm in support of Russian military actions in Easter
A Russian-linked group known as Turla has been deploying a secondary backdoor against numerous targets to maintain persistence within compromised devices even after the primary malware has been discovered and removed from the infrastructure, according to a research report released by Cisco Talos this week.
The newly discovered backdoor, which the researchers call "TinyTurla," has been deployed against targets in the U.S. and Germany over the last two years. More recently, however, Turla has used
Activity Summary - Week Ending 19 February 2021:
- VW Jetta Headlights VACAR-CN
- Cheyenne Cloud Shards & C2 Compromise
- Red Sky Alliance identified 37,941 connections from new unique IP addresses
- Analysts identified 2,217 new IP addresses participating in various Botnets
- Bazar/Team9 and MS
- TX Wind Power Turbines Freeze
- France and the Sandworm Group
- Norway Oil worker’s Strike Averted
- Major Oil find offshore in South Africa, Looks to Govt for Approval
Link to full article: IR-21-050-001_Energy_050F
Almost five years ago, the Russian hackers known as Sandworm hit western Ukraine with the first-ever cyberattack to cause a blackout. A never-before-seen act of cyber warfare that turned out the lights for over 250,000 Ukrainians. Since then, Sandworm has perpetrated countless destructive attacks; another blackout on the Ukrainian capital of Kyiv, the release of the NotPetya worm in 2017 that spread globally and eventually caused $10 billion in damage, and an attack that temporarily crippled t