On Wednesday, industrial cybersecurity firm Dragos published its annual report on the state of industrial control systems security, which names four new foreign hacker groups focused on those critical infrastructure systems. Three of those newly named groups have targeted industrial control systems in the US, according to Dragos. But most noteworthy, perhaps, is a group that Dragos calls Kamacite, which the security firm describes as having worked in cooperation with the GRU’s Sandworm. Kamacite has in the past served as Sandworm’s “access” team, the Dragos researchers write, focused on gaining a foothold in a target network before handing off that access to a different group of Sandworm hackers, who have then sometimes carried out disruptive effects. Dragos says Kamacite has repeatedly targeted US electric utilities, oil and gas, and other industrial firms since as early as 2017.
Read 11 remaining paragraphs | Comments