April 17, 2024 at 04:04PM
The notorious Russian military cyber unit, Sandworm, linked to GRU intelligence, engaged in cyberattacks on US and European water and hydroelectric utilities, causing disruptions and a water tank overflow. The group has targeted Ukraine and also impacted US and European critical infrastructure. Mandiant warned of the ongoing threat posed by Sandworm.
The main takeaways are:
1. The Russian military’s Sandworm crew, also known as APT44, has been linked to cyberattacks on US and European water and hydroelectric facilities.
2. These attacks have led to system malfunctions, including a water tank overflow in Texas and disruptions at a French hydroelectric facility.
3. Sandworm operates Telegram channels to draw attention to its activities and share stolen data, with a focus on causing chaos in Ukraine but also targeting US and European critical infrastructure organizations’ operational technology.
4. The group has been implicated in disrupting human-machine interfaces (HMIs) controlling operational technology systems at Polish and US water utilities as well as French hydroelectric facilities.
These takeaways highlight the significant impact of Sandworm’s cyberattacks and emphasize the need for heightened cybersecurity measures to protect critical infrastructure.