A hacking campaign that targeted Danish critical infrastructure last year may not have been the work of the infamous Russian hacking group Sandworm, according to a report by Forescout researchers. The campaign, initially believed to be conducted by Sandworm, affected around 22 energy companies. However, Forescout’s report suggests that the first and second wave of attacks were unrelated and that Sandworm likely had no involvement. The findings challenge the previous theory that the attacks were carried out by nation-backed hackers, suggesting instead that they were perpetrated by unknown hackers taking advantage of unpatched firewalls. While the attacks occurred within weeks of each other, the researchers stress the importance of distinguishing between separate incidents to enable more effective incident response and remediation efforts. The report emphasizes the need for organizations and researchers to carefully analyze and assess evidence to gain a clearer understanding of cyber threats. With cyberattacks becoming increasingly prevalent in the constantly evolving geopolitical landscape, it is crucial to separate and understand the different elements at play in order to effectively protect critical infrastructure.
Danish Critical Infrastructure Hacking Campaign Attributed to Sandworm Group May Have Been the Work of Another Hacker Group, Denmark
Date:
Updated: [falahcoin_post_modified_date]