2/9/2018
12:20 PM
Kelly Sheridan
Kelly Sheridan
Slideshows
Connect Directly
Twitter
LinkedIn
RSS
E-Mail

8 Nation-State Hacking Groups to Watch in 2018

The aliases, geographies, famous attacks, and behaviors of some of the most prolific threat groups.
6 of 9

Sandworm
Also known as: BlackEnergy, Electrum, Iridium
Believed to operate out of: Eastern Europe
Usual targets: Ukraine
Behavior: Sandworm has been known to appear then disappear in waves with its attacks, which primarily target Ukraine, and experts agree we'll see more of these attacks in 2018. The group frequently uses spearphishing and has recently begun targeting the supply chain, a move likely to increase its target base, says Hultquist. While Ukraine is its primary target for ICS/SCADA attacks, there's always a chance Sandworm will broaden its reach. It previously researched a potential attack on US utility systems.
'Given that this activity doesn't appear to be declining or shrinking, the danger of them shifting and targeting outside Ukraine continues to increase,' says Hultquist. 'That could have serious repercussions for corporations operating all around the world.' 
Tied to: Ukraine power grid attacks of December 2015 and December 2016  . 
Hultquist and other security researchers have also linked the group to last summer's NotPetya attack, a destructive campaign which also primarily targeted Ukraine.
(Image: Rootstock via Shutterstock)

Sandworm

Also known as: BlackEnergy, Electrum, Iridium

Believed to operate out of: Eastern Europe

Usual targets: Ukraine

Behavior: Sandworm has been known to appear then disappear in waves with its attacks, which primarily target Ukraine, and experts agree we'll see more of these attacks in 2018. The group frequently uses spearphishing and has recently begun targeting the supply chain, a move likely to increase its target base, says Hultquist. While Ukraine is its primary target for ICS/SCADA attacks, there's always a chance Sandworm will broaden its reach. It previously researched a potential attack on US utility systems.

"Given that this activity doesn't appear to be declining or shrinking, the danger of them shifting and targeting outside Ukraine continues to increase," says Hultquist. "That could have serious repercussions for corporations operating all around the world."

Tied to: Ukraine power grid attacks of December 2015 and December 2016 . Hultquist and other security researchers have also linked the group to last summer's NotPetya attack, a destructive campaign which also primarily targeted Ukraine.

(Image: Rootstock via Shutterstock)

6 of 9
Comment  | 
Email This  | 
Print  | 
RSS
Copyright © 2021 UBM Electronics, A UBM company, All rights reserved. Privacy Policy | Terms of Service