Cybersecurity experts have identified a new activity group that they say is targeting access operations at electric utilities in the U.S., Europe, Middle East, and East Asia. 

Cybersecurity firm Dragos Inc. told POWER on August 1 that though it has confirmed that the group—which it dubbed “RASPITE”—is actively targeting electric utilities, “there is no current indication the group has the capability” to conduct destructive widespread blackouts like those in Ukraine in 2016. Dragos added, “Operations against electric utility organizations appear limited to the U.S. at this time.” 

Symantec, another security firm, calls the group, “Leafminer.” On July 25, Symantec said in a blog post that the group’s activity remains centered on the Middle East, mostly in Saudi Arabia—noting that threat is likely being perpetrated by Iranian actors. “One interesting source of target information discovered during the Leafminer investigation was a list of 809 targets used by the attackers for vulnerability scans,” it said. “The list is written in the Iranian language Farsi and groups each entry with organization of interest by geography and industry.”…

Read More »