Discover Hacks/Cracks News
GhostSec’s Claimed ICS Ransomware Attack Questioned
SecurityWeek reports that pro-Ukraine hacktivist group GhostSec is having its claims of launching the first-ever ransomware attack against an industrial control system device questioned by cybersecurity experts.
GhostSec alleged that it was able to compromise a remote terminal unit in Belarus, a major ally of Russia, and while files were encrypted as a result of the intrusion, no ransom has been demanded. However, SynSaber noted that attacks against the targeted device, a Teleofis RTU968, which runs on the popular Linux OS OpenWrt, have been done before.
"Given that these devices are running generic Linux kernels that happen to be providing connectivity to serial devices (which, of course, could be industrial), theres nothing in the evidence supplied by GhostSec that industrial was specifically attacked or that this attack represents a new paradigm shift in industrial hacking," said SynSaber Chief Technology Officer Ron Fabela.