XENOTIME, a destructive APT linked to Russia, has broadened its target set beyond Middle East oil and gas.
XENOTIME, the APT group behind the TRISIS industrial control system (ICS) event, has expanded its focus beyond the oil and gas industries, according to researchers. The group has recently been seen probing the networks of electric utility organizations in the U.S. and elsewhere – perhaps a precursor to a dangerous attack on critical infrastructure that could cause physical damage or loss of life.
“Offensive government programs worldwide are placing more emphasis and resources into attacking and disrupting industrial processes like oil, power and water,” said Sergio Caltagirone, vice president of threat intelligence at Dragos. He told Threatpost that “This means more attacks are coming. People will die, we just don’t know when.”