Will Wade (Bloomberg) – A group of hackers who shut down an oil and natural gas production facility in Saudi Arabia in 2017 is now targeting electricity utilities, according to Dragos Cybersecurity Corporation Inc.
The group, Xenotime, has been investigating utilities in the US and the Asia-Pacific region since the end of 2018, said Dragos of Hanover, Maryland, in an article published Friday on his blog. They focused mainly on electronic control systems that manage operations at industrial sites, Dragos said.
US authorities have long warned that networks are extremely vulnerable to cyber attacks. Disruption of a region's power infrastructure could cause widespread chaos, power outages, and crippling financial markets, transportation systems, and so on.
"While none of the targeting events of the electricity services has resulted in a known and successful intrusion into the victims' organizations to date, the persistent attempts and widening application are of great concern, "Dragos said in his message.
The blog stated that the attackers appeared to be looking for weaknesses in American electrical systems – a step to be considered much less serious than a real attack – and there is so far no evidence of it. A "successful successful intrusion".
Xenotime was noticed after the malware attack in 2017 against a petrochemical manufacturing facility in Saudi Arabia, Dragos said. Attackers targeted security systems to cause "loss of life or physical harm," according to the blog.