“The U.S.-CERT alert characterizes these attacks as a multi-stage intrusion campaign to gain remote access into targeted industrial networks,” said Thomas Nuth, director of products and solutions at cybersecurity technology supplier Nozomi Networks. “After obtaining access, the threat actors (i.e., Russian government cyber actors) conducted network reconnaissance to collect information pertaining to ICS. Such behavior is typical of APTs (advanced persistent threats).”

Read More