LATEST INTELLIGENCE

PRESENTED BY

Scan QR code to download whitepaper here

Executive Summary

• Dragos assesses with high confidence the renewable energy sector of the Nordic Region , encompassing Denmark , Finland , Iceland , Norway and Sweden , the autonomous territories of the Faroe Islands and Greenland , and the autonomous region of Åland , matches the targeting profiles of Russian cyber operations ( wind , solar , nuclear , hydroelectric , and biofuels ) – based on the 2023 threat assessment by the U . S . Office of the Director of National Intelligence ( ODNI ), along with the leaked NTC Vulkan Files that detailed the Russian programs for offensive cyber operations on critical infrastructure .

• As of June 2023 , Distributed Denial of Service ( DDoS ) attacks performed by hacktivist groups are ongoing in the Nordic Region with an emphasis on Sweden .

• Wiper malware has been deployed against Ukraine , which had cascading impacts on European renewable energy asset owners . Nordic countries were victims of the spread of wiper malware ( NotPetya infected systems in Denmark ).

• Sweden is hosting approximately 57 percent of the internet-connected ICS / OT assets in the Nordic Region .

• Rapid weaponization of exploits on Virtual Private Networks ( VPN ) and remote services are a prolific attack vector with a proportionally larger risk to Cisco SSL VPNs . Fifty-four percent of Dragos sampled VPN appliances belonging to renewable energy asset owners in the Nordic Region are Cisco SSL VPNs .

• Worldwide exploitation of the following Known Exploited Vulnerabilities ( KEV )

• Fortinet – FortiOS and FortiProxy SSL-VPN ( CVE-2023-27997 )

• MOVEit Transfer – Progress MOVEit Transfer SQL Injection Vulnerability ( CVE-2023-34362 ) x

12 www . intelligentcxo . com