"On Friday, Poland's Computer Emergency Response Team (CERT), which is part of the Ministry of Digital Affairs, released a technical report about an incident at the end of last year, where suspected Russian government hackers hacked wind and solar farms and a heat-and-power plant. According to the report, the hackers didn't face a lot of resistance. The targeted systems used default usernames and passwords and did not have multi-factor authentication enabled, both incredibly basic mistakes."
"The hackers tried to infect the systems they broke into with wiper malware designed to erase and effectively destroy the systems, perhaps trying to turn off the power, although it's unclear if that was their goal. Either way, the attacks were stopped at the heat-and-power plant, but not at the wind and solar farms, whose systems to monitor and control grid systems were made inoperable by the malware."
Poland's Computer Emergency Response Team (CERT) identified an end-of-year intrusion in which suspected Russian government hackers accessed wind and solar farms and a heat-and-power plant. Targeted systems used default usernames and passwords and lacked multi-factor authentication, allowing attackers little resistance. The attackers attempted to deploy wiper malware intended to erase and destroy systems, possibly to turn off power. The attack was halted at the heat-and-power plant, but malware rendered monitoring and control systems at wind and solar farms inoperable. All attacks were described as purely destructive and akin to arson. Power at targeted facilities was not disrupted and national grid stability remained unaffected. Cybersecurity firms ESET and Dragos attributed the intrusions to Sandworm, while CERT attributed them to Berserk Bear (Dragonfly), a group not commonly linked to destructive operations.
Read at TechCrunch
Unable to calculate read time
Collection
[
|
...
]