You are here

Cyber Threat Awareness – Cyber Threat Actors Never Pass Up a Crisis

Cyber Threat Awareness – Cyber Threat Actors Never Pass Up a Crisis

Created: Tuesday, March 15, 2022 - 14:53
Categories:
Cybersecurity, OT-ICS Security, Security Preparedness

From destructive wipers and malware disguised as anti-virus, Ukraine is suffering from cyber attacks against its own infrastructure and organizations. However, all is not quiet elsewhere in the world, as cyber threat actors do what they do best – never pass up a crisis to spread their “wares.” Whether threat actors are sympathetic to or supportive of either side, there are many who opportunistically use relevant themed subjects in emails as scams or phishing lures to steal information or deliver malware, including ransomware. Likewise, cyber threat intelligence analysts at Accenture pontificate that despite being quiet thus far, the sympathetic divisions that has developed among threat actors could contribute to “mounting risk for Western organizations as pro-Kremlin criminal groups adopt quasi-hacktivist tactics to choose their next victims. Organizations in the government, media, finance, insurance, utilities and resources sectors should be braced for more attacks.”

While CISA is still not aware of any specific credible threats to the U.S. homeland, given the on-going invasion and potential for state-sponsored or opportunistic cyber criminal actions to impact organizations outside of Ukraine, members are encouraged to maintain vigilance and awareness for threats attempting to leverage the current conflict, implement cybersecurity measures, and be prepared to respond to disruptive cyber attacks.

Recent cyber activity against Ukraine

Members are encouraged to review CISA’s Shields Up, Shields Up Technical Guidance, and previously published WaterISAC and EPA webinars and advisories for cybersecurity measures and relevant resources.

Prior WaterISAC and EPA Webinars and Advisories

Incident Reporting
WaterISAC encourages all utilities that have experienced malicious or suspicious activity to email [email protected], call 866-H2O-ISAC, or use the confidential online incident reporting form. Reporting to WaterISAC helps utilities and stakeholders stay aware of the threat environment of the sector.