Jun 14, 2019

Hacker group Xenotime doing recon on U.S. electric utilities

Photo: YinYang via Getty Images

Xenotime, the notorious group behind the Triton malware designed to disable safety systems at petrochemical plants, has started to do reconnaissance at electric utilities, including those in the U.S, according to industrial systems cybersecurity firm Dragos.

Why it matters: Triton, also called Trisis, was designed to be not only destructive, but be destructive in a way that could kill people. In fact, there are only three other groups known to successfully, deliberately disrupt industrial control systems.

  • To be clear: We don't know that any U.S. electric utilities have been breached. Trisis has been observed doing some of the slow, deliberate groundwork to launch an attack.

Background: Triton was first seen in an attack a Saudi petrochemical facility. It hasn't been seen in any subsequent attack, though the same group behind the attack has still been active.

  • Because industrial control system attacks need to be extensively targeted against highly specialized equipment, this is believed to be the first time an attacker group switched from one sector to another — petrochemical to electricity.
  • While there are links between one component of the malware and a Russian research organization, no one has formally linked the malware to the Russian government. Hackers can be hired, borrow code or copy it from previous attacks.

Go deeper

Bernie Sanders wins Nevada caucus

Democratic presidential candidate Sen. Bernie Sanders waves to supporters at a campaign rally on Friday in Las Vegas. Photo: Mario Tama/Getty Images

Sen. Bernie Sanders is projected to handily win the Nevada Democratic primary caucus, becoming the clear frontrunner among 2020 Democratic presidential primary election candidates.

Why it matters: Nevada is the first state with a diverse population to hold a nominating contest, highlighting candidates' abilities to connect with voters of color — particularly Latino voters.

Go deeperArrowUpdated 2 hours ago - Politics & Policy

South Korea and Italy see spikes in coronavirus cases

Data: The Center for Systems Science and Engineering at Johns Hopkins, the CDC, and China's Health Ministry. Note: China numbers are for the mainland only and U.S. numbers include repatriated citizens.

The novel coronavirus has spread to more nations, and the U.S. reports a doubling of its confirmed cases to 34 — while noting these are mostly due to repatriated citizens, emphasizing there's no "community spread" yet in the United States.

The big picture: COVID-19 has now killed at least 2,362 people and infected more than 77,000 others, mostly in mainland China. New countries to announce infections recently include Israel and Lebanon, while Iran reported its sixth death from the virus. South Korea's confirmed cases jumped from 204 Friday to 433 on Saturday and Italy's case count rose from 3 to 62 by Saturday.

Go deeperArrowUpdated 6 hours ago - Health

America's rundown roads add to farmers' struggles

Illustration: Sarah Grillo/Axios

American farmers are struggling to safely use the roads that cut through their fields; decades of neglect and lack of funding have made the routes dangerous.

The big picture: President Trump has long promised to invest billions in rural infrastructure, and his latest proposal would allocate $1 trillion for such projects. Rural America, where many of Trump's supporters live, would see a large chunk of that money.