A cyber threat group known for targeting oil and gas facilities has now expanded its attention to electric utilities in the US and Asia-Pacific, researchers say.
The Xenotime group, which researchers say was behind an attempt to cause an exposion at a Saudi Arabian oil and gas installation in 2017, began probing electric utilities in late 2018, said US-based security firm Dragos.
“This behaviour could indicate the activity group was preparing for a further cyberattack, or at minimum satisfying the prerequisites for a future industrial control system (ICS)-focused intrusion,” Dragos said in an advisory.
It added that other groups targeting industrial systems are likely to follow suit and expand across multiple vertical sectors.
Dragos, which specialises in ICS security, called Xenotime the “most dangerous threat” to industrial systems due to its willingness to “undermine fundamental process safety”, placing “lives and environments at great risk”.
In late 2017 researchers said the hacking group had infected a Saudi petrochemical plant with malware known as Triton or Trisis, which aims to disrupt safety systems.
The attack was the first time an attack on ICS systems was known to have been intended to cause physical damage or loss of life.
Dragos said it detected the group’s expansion of focus in February, with scans of electrical utilities in the US and Asia-Pacific.
It said that so far none of Xenotime’s external scanning and research on electric utilities was known to have resulted in a successful intrusion.
Oil and gas companies remain at risk from Xenotime, Dragos said.
The group’s actions should be “a cause for deep concern given this adversary’s willingness to compromise process safety”, the security firm said.
It said companies operating such equipment should take precautions and work with governments and businesses in other sectors to improve security.
“The time to plan, implement, and enforce security standards and response processes in industrial environments is now,” Dragos said in its advisory.
Targetting AWS, Microsoft? British competition regulator soon to announce “behavioural” remedies for cloud sector
Move to Elon Musk rival. Former senior executive at X joins Sam Altman's venture formerly…
Bitcoin price rises towards $100,000, amid investor optimism of friendlier US regulatory landscape under Donald…
Judge Kaplan praises former FTX CTO Gary Wang for his co-operation against Sam Bankman-Fried during…
Explore the future of work with the Silicon In Focus Podcast. Discover how AI is…
Executive hits out at the DoJ's “staggering proposal” to force Google to sell off its…