The Wall Street Journal reported that more than a dozen U.S. utilities were targeted in the LookBack attack first revealed in August. Originally, security researchers divulged the details of a spearphishing campaign targeting three different United States utility companies. Now The Wall Street Journal has disclosed that FBI investigations have determined that hackers “homed in on smaller electricity providers in proximity to critical infrastructure.”
Here’s what we now know about the LookBack malware campaign.
Building cyber resiliency puts a lot of pressure on an organization’s security team. It requires specialized knowledge that takes time to develop, and there just aren’t enough skilled cyber experts to go around.
Which begs the question: are the limited number of security experts holding the front lines in danger of burnout – and what can we do about it?
On August 1, security researchers at Proofpoint reported the details of spearphishing campaign targeting three different United States utility companies using a malware called “LookBack.” The spearphishing emails contained a malicious Microsoft Word attachment that installed a Remote Access Trojan (RAT) capable of performing activities like deleting files, taking screenshots, rebooting machines, and then deleting itself from an infected network.
Learn more about LookBack malware and how you can detect it.
To help counter the growing concern about cyberattacks aiming to disrupt power systems, industrial experts have been working together in WG15. This group, part of IEC, is defining the standards known as IEC 62351, for secure-by-design power grids.
As a member of WG 15 since 2015, I thought it might be helpful to inform you about these standards and provide an update on their status.