The companies responsible for the generation, transmission, and distribution of electricity have attracted the attention of an increasing number of cyberattack groups, industrial-control system security firm Dragos said in a report published on Jan. 9.
In recent months, four groups have expanded their activities to conduct early reconnaissance and attack efforts against electric utilities. Two of the groups, which Dragos refers to as Parasite and Magnallium, appear to have links to an Iranian state-sponsored cyber-espionage group, dubbed APT33 and Elfin by other security firms. Dragos does not attribute attacks to specific actors, but noted in the report that Magnallium's "increased activity coincides with rising escalations between the US ... and Iran in the Middle East."
Overall, seven of the 11 groups that Dragos tracks now appear interested in reconnoitering and compromising electric utilities, says Amy Bejtlich, director of intelligence analysis for Dragos.
"Across the board we are seeing an increase in activity, an increase in targeting, and an increase in sophistication," she says. "Adversary groups are recognizing the value of targeting industrial environments, so as defenders, we have to be aware of activity, not just in one sector, but across all sectors."
The report comes as tensions continued to rise between the United States and Iran, following the US assassination of Iranian Gen. Qasem Soleimani, the subsequent Iranian missile attack on military bases housing American soldiers in Iraq, and the revelation that the downing of a Ukraine International Airlines plane flying from Iran was likely due to an anti-missile system. Security experts have worried that the tensions may ..
Support the originator by clicking the read the rest link below.
