New Findings Challenge Attribution in Denmark’s Energy Sector Cyberattacks

Recent research from Forescout suggests that the Russia-affiliated Sandworm hacking gang may not have been involved in the cyberattacks that targeted Denmark’s energy industry last year.

Targeting approximately 22 Danish energy organizations, the intrusions happened in two separate waves in May 2023. The first wave took advantage of a Zyxel firewall security flaw (CVE-2023-28771), and the second activity cluster saw the attackers install Mirai botnet variants on infected hosts through an as-yet-unknown initial access vector.

The first wave took place on May 11, and the second ran from May 22 to May 31, 2023. In one such attack, discovered on May 24, the compromised machine was observed communicating with IP addresses that had previously acted as command-and-control (C2) ...
