April 25, 2025

Resecurity warns of increased cyber threats to energy and nuclear facilities from hacktivists and nation-states

Resecurity's latest report reveals a sharp rise in cyberattacks targeting critical energy infrastructure across North America, Asia, and the EU—including nuclear facilities. These attacks are driven by geopolitical tensions, with nation-state actors from China, Iran, North Korea, and Russia, as well as ransomware groups and hacktivists, playing key roles. The focus is largely on cyber-espionage, but ransomware is increasingly used to disrupt operational technology (OT) and demand large payouts.

Key Factors Increasing Risk:

  • IT-OT Convergence and Industrial IoT (IIoT) have expanded attack surfaces.
  • Cloud adoption and AI integration introduce new vulnerabilities.
  • Supply chain risk, highlighted by the MOVEit breach, exposes multiple tiers of vendors.
  • AI adoption in the nuclear sector is particularly concerning, adding complexity and risk.

Highlighted Threat Actors:

  • RansomHub, HellCat (ransomware)
  • Lazarus Group, Cyb3rAv3ngers (nation-state)
  • S16, Noname057(16) (hacktivist)

HellCat is noted for using Lumma infostealer malware and leaking energy firm data, including a major breach at Schneider Electric. Lazarus Group has specifically targeted nuclear sector personnel using deceptive job applications (Operation DreamJob).

Nuclear Sector Under Fire:

  • Multiple DDoS attacks, phishing campaigns, and data leaks have hit nuclear entities globally.
  • Resecurity’s HUNTER unit identified leaks from organizations like Qatar Gas, EPRI, and Framatome.
  • Dark web activity shows increased interest in nuclear access listings and stolen data.

Call to Action:

The U.S. DOE and NERC have issued new guidelines to bolster cybersecurity, but the report urges continued vigilance and stronger dark web monitoring. As energy firms become key targets in a new wave of cyberwarfare, the line between cybercrime and state-backed military operations continues to blur.

Source: https://industrialcyber.co/utilities-energy-power-water-waste/resecurity-warns-of-increased-cyber-threats-to-energy-and-nuclear-facilities-from-hacktivists-and-nation-states/

Explore More Insightful Articles:

All topics
Regulatory Changes
Emerging threats
New challanges

Emerging threats

Dragos details LELWD’s fight against VOLTZITE cyberattack, following 300-day OT network breach

April 17, 2025

3 min read

New challanges

New SANS/GIAC study finds cybersecurity skills gap, not talent shortage, at core of workforce crisis

April 15, 2025

4 min read

Emerging threats

Hardware vulnerabilities in Hitachi Energy, ABB, B&R ICS devices pose critical infrastructure threat

April 17, 2025

8 min read

Emerging threats

PRODAFT detects high-severity flaws in mySCADA myPRO Manager, warns of industrial network breaches

April 17, 2025

2 min read

New challanges

Why no small business is too small for hackers - and 8 security best practices for SMBs

April 17, 2025

3 min read

New challanges

Forescout’s 2025 report reveals surge in device vulnerabilities across IT, IoT, OT, and IoMT

April 17, 2025

7 min read

Regulatory changes

US CISA extends MITRE CVE, CWE programs with last-minute contract extension, prevents shutdown

April 17, 2025

4 min read

Regulatory changes

Finite State expands into EMEA to support compliance with emerging cyber regulations amid rising demand

April 16, 2025

3 min read

Regulatory changes

New Resource: Comparison of ISA/IEC 62443-4-1 and NIST SP 800-218, Secure Software Development Framework

April 8, 2025

4 min read

Regulatory changes

Swiss critical sector faces new 24-hour cyberattack reporting rule

March 11, 2025

4 min read

Regulatory changes

Public Consultation on Cyber-attack Classification Scale Methodology

March 5, 2025

2 min read

Emerging threats

Frenos warns OT sector of critical Erlang vulnerability enabling remote code execution affecting millions of devices

April 22, 2025

6 min read

Emerging threats

Resecurity warns of increased cyber threats to energy and nuclear facilities from hacktivists and nation-states

April 22, 2025

5 min read

Emerging threats

2025 Q2 Vulnerability Forecast

April 17, 2025

5 min read

Emerging threats

CrazyHunter Campaign Targets Taiwanese Critical Sectors

April 16, 2025

8 min read

Emerging threats

Dragos details LELWD’s fight against VOLTZITE cyberattack, following 300-day OT network breach

April 15, 2025

3 min read

Emerging threats

Hardware vulnerabilities in Hitachi Energy, ABB, B&R ICS devices pose critical infrastructure threat

April 11, 2025

8 min read

New challanges

Integrating AI and ML technologies across OT, ICS environments to enhance anomaly detection and operational resilience

April 22, 2025

6 min read

New challanges

Time to kick out Human Error?

April 22, 2025

4 min read

New challanges

Industrial Cybersecurity in 2025: Insights from a Live Game Show-Style Panel

April 17, 2025

6 min read

New challanges

NATO allies boost cyber defense coordination, focus on improving critical infrastructure resilience

April 16, 2025

5 min read

New challanges

Top Cyber Security Tabletop Exercise Examples & Scenarios

April 16, 2025

6 min read

New challanges

MITRE warns that funding for critical CVE program expires today

April 16, 2025

4 min read

All content on this website, including text, graphics, images, audio recordings, and videos, is protected by copyright. Unauthorized use, copying, or modification of this content may infringe on our copyright, trademark rights, and other intellectual property rights. Failure to comply with these terms may result in civil and criminal liabilities.

©2025 NIS2U GmbH All Rights Reserved.