IronNet’s May Threat Intelligence Brief 2022

On April 12th, the Ukrainian CERT (CERT-UA) reported that the Russian Sandworm Team targeted high-voltage electrical substations in Ukraine using a new variant of a malware known as Industroyer (aka, Crash Override). The Sandworm Team, which is associated with the Russian GRU, previously used the original Industroyer variant to compromise Ukrainian power grids in 2016, causing a portion of Kyiv to lose power for over an hour. The new variant, dubbed Industroyer2, directly interacts with electrical utility equipment …

intelligence may threat threat intel briefs threat intelligence