The advanced persistent threat (APT) group GreyEnergy has been targeting industrial networks across Ukraine and Eastern Europe for years, and according to analysis of the group’s activity, the attacks begin with a malicious document sent in a phishing email.
Nozomi Networks performed analysis on the GreyEnergy advanced ICS malware and found that the tools and tactics used by the threat actors allowed the group to stay under the radar of typical anomaly detection tools for a long time.
By Kacy Zurkus
To read the full article click here.
