Industrial-control system security firm Dragos reported on its blog Friday that the group XENOTIME has been scanning the electric grids in the US and Asia-Pacific regions since late last year.
[XENOTIME are the] attackers behind the epic Triton/Trisis attack that in 2017 targeted and shut down a physical safety instrumentation system at a petrochemical plant in Saudi Arabia.
Dragos notes that there is currently no evidence that the attackers successfully penetrated and could actually wage a cyberattack that would result in "a prolonged disruptive or destructive event on electric utility operations," but that the hacking group's newly discovered activity around power grid providers is concerning.
This is an expansion of XENOTIME's targeting from Oil and Gas to include the electric sector and the group has "successfully compromised several oil and gas environments which demonstrates its ability to do so in other verticals."
(Score: 2) by takyon on Saturday June 15 2019, @02:01PM
The bug naming trend is awful (Heartbleed, Spectre, etc.). For these evil cyberattack groups, either they chose the name or security researchers did it for them, in which case they can be blamed yet again.