Russia-affiliated Shuckworm Intensifies Cyber-Attacks on Ukraine
Symantec said the new campaign focused on acquiring military and security intelligence
Critical infrastructure depends on interconnected operational systems, where cyber incidents can disrupt essential services, safety, and availability.
Search across headline titles and summaries.
Background for this topic.
Critical infrastructure includes systems and assets vital for public health, safety, and economic stability, such as power grids, water treatment, transportation networks, and healthcare facilities. These systems often combine physical components with industrial control systems (ICS) and operational technology (OT) that manage essential services in real time.
From an information-security perspective, critical infrastructure faces risks like unauthorized access to control systems, disruption of service availability, and manipulation of sensor data. Defending these assets requires specialized security measures tailored to ICS environments, including network segmentation, strict access controls, and continuous monitoring for anomalies. Ensuring resilience also involves coordinated efforts between operators and government agencies to address vulnerabilities unique to legacy systems and proprietary protocols.
Symantec said the new campaign focused on acquiring military and security intelligence
The Russian threat actor known as Shuckworm has continued its cyber assault spree against Ukrainian entities in a bid to steal sensitive information from compromised environments
The Russian state-sponsored hacking group Gamaredon (aka Armageddon, or Shuckworm) continues to target critical organizations in Ukraine's military and security intelligence sectors, employing a refreshed toolset and new infection tactics. [...]
St. Margaret's Health is shutting down due to a 2021 ransomware attack and other factors. It's an object lesson for how small and rural healthcare facilities face grave cyber-risk when extortionists come calling.
Users urged to apply updates to FortiOS SSL-VPN after attackers may have leveraged a recently discovered vulnerability in attacks against government, manufacturing, and critical infrastructure organizations.
Engineering workstations, SCADA and automation servers, historians and PLCs identified as highest risk
While protecting critical infrastructure seems daunting, here are some critical steps the industry can take now to become more cyber resilient and mitigate risks.
Conflict could be first shooting war to deploy armies of ‘citizen hackers’ that cause at-risk organisations to rethink their defensive strategies Sponsored Feature When military historians come to chronicle the first 15 months of the Russian invasion of Ukraine, they won't find any shortage of battlefront bulletins to inform their accounts.…
Fortinet on Monday disclosed that a newly patched critical flaw impacting FortiOS and FortiProxy may have been "exploited in a limited number of cases" in attacks targeting government, manufacturing, and critical infrastructure sectors
Fortinet says a critical FortiOS SSL VPN vulnerability that was patched last week "may have been exploited" in attacks impacting government, manufacturing, and critical infrastructure organizations. [...]
The group appears to be targeting victims based on their proximity and involvement to and within pro-Ukraine organizations.