• A hacking group with ties to the Russian government is suspected of carrying out a cyberattack in January that caused a tank at a Texas water facility to overflow. [CNN.com, KRDO.com]
  • The Sandworm hacker group, also known as APT44, has played a central role in supporting Russian military objectives in Ukraine, carrying out disruptive and destructive cyberattacks since Russia’s invasion in February 2022. [DarkReading.com]
  • The group presents a significant global threat due to its advanced capabilities and history of disrupting critical infrastructure sectors, including causing blackouts in Ukraine and releasing destructive, self-spreading code. [DataBreachToday.com, WhatsNew2Day.com]
  • The group targeted government and critical infrastructure organizations across North America, Europe, the Middle East, Central Asia, and Latin America. [Wired.com]
  • The Texas hacking incidents coincided with other towns in the region taking precautionary measures after detecting suspicious cyber activity on their networks. The attack was a rare example of hackers using access to sensitive industrial equipment to disrupt regular operations. [CNN.com, WhatsNew2Day.com]
  • Cyber Army of Russia Reborn, a hacking front directly controlled by Sandworm, claimed responsibility for various data thefts and computer intrusions on behalf of Russia. [LeMonde.fr, DarkReading.com]
  • Cybersecurity firm Mandiant established a link between the Cyber Army of Russia Reborn and Sandworm, which has been identified as Unit 74455 of the Russian military intelligence agency GRU. [WhatsNew2Day.com, DataBreachToday.com]
  • Cyberattacks are hitting water and wastewater systems “throughout the United States,” and governments and facilities must improve their defenses against this threat. The Texas hacking incidents gained little national attention until Mandiant publicly linked the hackers to the GRU. [CNN.com, WhatsNew2Day.com]

Sources:

  • CNN.com (English)
  • KRDO.com (English)
  • DarkReading.com (English)
  • DataBreachToday.com (English)
  • WhatsNew2Day.com (English)
  • Wired.com (English)
  • LeMonde.fr (French)

Links:

https://www.cnn.com/2024/04/17/politics/russia-hacking-group-suspected-texas-water-cyberattack/index.html

https://www.databreachtoday.com/global-menace-russian-sandworm-hacking-team-a-24874

https://www.darkreading.com/ics-ot-security/-sandworm-group-is-russia-s-primary-cyber-attack-unit-in-ukraine

https://www.lemonde.fr/pixels/article/2024/04/17/comment-sandworm-les-hackeurs-d-elite-de-l