Ukraine argues that cyberattacks against civilian infrastructure should be classified as war crimes. The Five Eyes take down Turla and its Snake malware. An Iranian threat actor turns its attention to infrastructure. The Bitter APT may be targeting Asia-Pacific energy companies. A Colonial Pipeline retrospective. ETHOS: a new private-sector OT risk information-sharing platform. CISA requests comment on software self-attestation form. Guest is Patrick Miller, CEO of Ampere Industrial Security, discussing INSM (Internal Network Security Monitoring) as a concept for the electric sector. In the Learning Lab, Dragos’ Mark Urban is joined by Dragos Principal Adversary Hunter Kyle O’Meara and Dragos Principal Intelligence Technical Account Manager Michael Gardner to discuss threat hunting. 

Control Loop News Brief.Ukraine argues that cyberattacks against civilian infrastructure should be classified as war crimes.

Russia attacks civilian infrastructure in cyberspace just as it does on ground - watchdog (UKRINFORM)

Russians launch mass cyber attack on online service for queueing to cross border by trucks (Ukrainska Pravda)

Europe’s Air-Traffic Agency Under Attack From Pro-Russian Hackers (Wall Street Journal)

#RSAC: Cyber-Attacks on Civilian Infrastructure Should Be War Crimes, says Ukraine Official (Infosecurity Magazine)

Five Eyes take down Turla and its Snake malware.

Hunting Russian Intelligence “Snake” Malware (Joint Cybersecurity Advisory)

Iranian threat actor exploits N-day vulnerabilities, turns its attention to infrastructure.

Nation-state threat actor Mint Sandstorm refines tradecraft to attack high-value targets (Microsoft)

Bitter APT may be targeting Asia-Pacific energy companies.

Phishing Campaign Targets Chinese Nuclear Energy Industry (Intezer)

The Colonial Pipeline ransomware attack, two years later.

The Attack on Colonial Pipeline: What We’ve Learned & What We’ve Done Over the Past Two Years (CISA)

ETHOS: a new private-sector OT risk information-sharing platform.

OT Cybersecurity Leaders to Deliver First Open-Source Information Sharing for Collective Early Warning in Critical Infrastructure (Globe Newswire)

CISA requests comment on software self-attestation form.

Request for Comment on Secure Software Self-Attestation Common Form (CISA)

OMB, CISA set to release common form for software self-attestation (Infosecurity Magazine)

Control Loop Interview.

The interview is with Patrick Miller, CEO of Ampere Industrial Security, discussing INSM (Internal Network Security Monitoring) as a concept for the electric sector.

Control Loop Learning Lab.

On the Learning Lab, Mark Urban is joined by Dragos Principal Adversary Hunter Kyle O’Meara and Dragos Principal Intelligence Technical Account Manager Michael Gardner to discuss threat hunting. 

Control Loop OT Cybersecurity Briefing.

A companion monthly newsletter is available through free subscription and on the CyberWire's website.

Learn more about your ad choices. Visit megaphone.fm/adchoices