New Russian threat group infiltrates U.S. energy facilities

Cybersecurity researchers at Cyble have uncovered a new pro-Russian hacktivist group known as “Sector 16” that has been engaged in hacking activities targeting oil and gas facility control panels in the United States. According to a recent report by Cyble, Sector 16 has made claims of successfully hacking into control panels in energy facilities and manipulating system control settings to disrupt operations.

Sector 16 emerges in the wake of Z-Pentest, another pro-Russian group that has been actively targeting critical water and energy infrastructure in the past year. Collaboration between Sector 16 and Z-Pentest indicates a close alliance, with both groups sharing similar objectives of causing disruption and chaos within key sectors of U.S. infrastructure.

One notable aspect of Sector 16’s activities is the posting of screen recordings of their hacks on underground forums and channels. These videos showcase members of the group tampering with control panels of critical infrastructure, including oil pumps and storage tanks in Texas. While the primary purpose of these videos remains unclear, Cyble speculates that they may serve as a means to establish credibility or to instill fear rather than to cause actual damage.

In a recent incident, Sector 16 and Z-Pentest collaborated to hack into a supervisory control and data acquisition (SCADA) system overseeing oil pumps and storage tanks in Texas. The groups released a video demonstrating their access to the system interface, displaying real-time data on tank levels, pump pressures, casing pressures, and alarm management features. The inclusion of logos from both groups in the video further solidifies their partnership in carrying out these cyber attacks.

Sector 16 later took sole responsibility for infiltrating the control systems of a U.S. oil and gas production facility, showcasing their ability to compromise critical infrastructure and access operational data and systems. The video released by the group displayed control interfaces related to shutdown management, production monitoring, tank level readings, gas lift operations, and other essential components of the facility’s operations.

The concerning rise of cyber threats targeting critical infrastructure in the U.S. has raised alarms among cybersecurity officials, particularly with adversarial nations like Russia and China actively seeking to exploit vulnerabilities in sectors such as energy, healthcare, and transportation. The recent activities of Sector 16 and Z-Pentest serve as a stark reminder of the ongoing risks posed by malicious actors seeking to disrupt key infrastructure systems.

In addition to the activities of pro-Russian hacktivist groups, Cyble also reported on DDoS attacks on the U.S. government carried out by pro-Islamic hacktivists like Mr. Hamza. These groups, along with Z-Pentest and other pro-Russian entities, collaborated in launching attacks on government and military platforms, including networks used by the U.S. Army and the FBI. The willingness of these diverse threat groups to work together underscores the complex and evolving nature of cybersecurity threats facing critical infrastructure worldwide.

As the cybersecurity landscape continues to evolve, it is imperative for organizations and government agencies to enhance their security measures to defend against cyber threats effectively. The findings of Cyble’s dark web report underscore the importance of remaining vigilant and proactive in the face of growing cyber risks and the urgent need for stronger cybersecurity protections to safeguard critical infrastructure from malicious actors.
