“The hack became known to insiders last week when a DHS alert bulletin was issued by the agency's Industrial Control Systems Cyber Emergency Response Team to its industry members. The bulletin said the BlackEnergy penetration recently had been detected by several companies.
DHS said BlackEnergy is the same malware that was used by a Russian cyber-espionage group dubbed Sandworm to target NATO and some energy and telecommunications companies in Europe earlier this year. Analysis of the technical findings in the two reports shows linkages in the shared command and control infrastructure between the campaigns, suggesting both are part of a broader campaign by the same threat actor, the DHS bulletin said.”
DHS needs to blab this kind of thing to prove to us they are relevant. In my opinion that is why it’s being released publicly. If it was really a serious threat we wouldn’t hear about it - like we don’t hear about thwarted terrorist attacks. Why let the enemy know you know if the threat is real? That’s stupid.