"It called the attacks irresponsible, and if they succeeded in disrupting the country's power grid, it could have led to civilian deaths given the timing. "An attack on a power grid at any time is irresponsible, but to carry it out in the depths of winter is potentially lethal to the civilian population dependent on it," Dragos said. "It is unfortunate that those who attack these systems appear to deliberately choose timing that maximizes impact on civilian populations.""
"Dragos, which attributed the attacks to the group it calls Electrum but most others call Sandworm, described the attacks as a world-first for targeting distributed energy sources (DERs), which are smaller sites connected to a country's central power grid. The attacks bore similarities with those carried out by Russia a decade ago in Ukraine, where GRU-affiliated Sandworm attackers compromised the country's power grid."
Dragos is working with one of roughly 30 affected power facilities. The attacks are attributed to a group called Electrum by Dragos and linked to Sandworm by others. The attackers used DynoWiper and coordinated compromises across many distributed energy resources (DERs). DERs are smaller, grid-connected sites that often lack the cybersecurity investment of centralized facilities. Targeting DERs represents an evolution in tradecraft and mirrors previous GRU-linked attacks in Ukraine. A successful disruption of power in winter could have caused civilian deaths, and the timing appeared aimed at maximizing civilian impact.
Read at Theregister
Unable to calculate read time
Collection
[
|
...
]