Malware operators are increasingly targeting oil and natural gas (ONG) and related energy industries to further political, economic, and national security goals. Their activity threatens the availability of industrial technologies and the safety of those operating them. Industrial asset owners and operators can defend against these threat groups if they can recognize suspicious behavior.
Identify the tactics, techniques, and procedures used by Activity Groups with this intelligence report from Dragos, the largest global team dedicated to protecting industrial control systems.
Understand the full scope of threats targeting ONG infrastructure around the world, including:
- Why all stages of ONG operations are high-value targets for cyber attacks.
- Major areas of concern - and actionable recommendations to address them - for upstream, midstream, and downstream.
- How OEMs, third-party vendors, and supply chains increase risk in your IT and OT networks.
- Defensive recommendations to strengthen your ICS/OT cybersecurity posture.
3 of 7 Activity Groups Threatening Oil & Natural Gas
Prepare for all seven Activity Groups targeting ONG infrastructure by downloading our full intelligence report.
XENOTIME
CAPABILITIES
TRISIS. Custom credential harvesting. Off-the-shelf tools.
ICS Impact
Demonstrated capability to execute a disruptive ICS attack, such as the 2017 TRISIS incident.
PARASITE
CAPABILITIES
Exploiting known VPN vulnerabilities. SSH.NET, MASSCAN, dsniff, Impacket.
ICS Impact
Operations focus on ICS-related organizations, limited to IT network actions for initial access and information collection.
KAMACITE
CAPABILITIES
Primary focus on compromised infrastructure in Europe. Spoofs legitimate technology and social media services.
ICS Impact
Operations linked to five ICS targeting events. Proven operations leading to disruption. Facilitated the 2015 and 2016 Ukraine power events.