A new advanced persistent threat (APT) group dubbed ChamelGang has been targeting the Russian energy and aviation industries, as well as entities in 9 other countries.
A ransomware attack has crippled the largest U.S. pipeline operator, Colonial Pipeline, shutting down 45% of the East Coast’s supply of fuel. As a result, USDOT issued an emergency waiver to ease the transport of fuel by truck in the affected states. Colonial also issued a new statement confirming that pipeline systems have been restarted.
Major European energy giant Enel Group was a target of a recent ransomware attack that impacted its internal network. The Enel Group is an Italian energy company active in the electricity generation and distribution sectors, as well as in the distribution of natural gas.
Security researchers have spotted a spearphishing campaign that targets companies in the oil and gas sector to drop Agent Tesla malware.
Malicious cyber activity carried out by the Russian Government is targeting network infrastructure devices (e.g., routers, switches, firewalls, Network-based Intrusion Detection System (NIDS) devices).
Russian government cyber activity has targeted U.S. Government entities, as well as energy and other critical infrastructure sectors. The activity has been ongoing since at least March 2016, according to a US-CERT Technical Alert (TA).