XENOTIME: the APT threatening critical infrastructure

From pandasecurity.com

These days, cybercrime affects all kinds of businesses. This year alone, we’ve seen cyberattacks carried out against city halls, aluminum producers, and even such well-known companies as Amazon. All of these incidents have grave consequences for the victims, from reputational damage and interruptions in the production chain, to paralyzing the whole business and incurring hefty fines.

Without a doubt, there is one sector that is particularly vulnerable: critical infrastructure. A cyberattack that affected a country’s water supply, or that interrupted service in a hospital, could even cause loss of life.

XENOTIME: a threat to Industrial Control Systems

Last year we asked what would happen if an attack interrupted a country’s power supply. Now it seems that this situation could become a reality.

XENOTIME is an APT (Advanced Persistent Threat) that has alleged links with Russia. It rose to notoriety when it carried out an attack on the industrial control systems of a Middle Eastern oil company using a piece of malware that managed to interfere with the company’s safety instrumented system (SIS). As of today, it is still one of the few pieces of malware that have managed to impact the physical process of an ICS.
