Forescout Research has uncovered a new tactic among pro-Russian hacktivists: fabricating industrial attacks to boost their reputation, exemplified by the group TwoNet’s false claims of targeting critical water treatment systems. This escalation from web defacement and DDoS to actual OT/ICS interference signifies an increasing cyber-physical threat.
Key points
- TwoNet is a pro-Russian hacktivist group that falsely claimed real-world water utility attacks.
- The group targeted HMI systems using default credentials and exploited CVE-2021-26829 for defacement.
- TwoNet shifted from DDoS operations to manipulating industrial control systems and infrastructure.
- Forescout detected ongoing OT intrusion attempts from multiple nation-states using public exploits.
- The group’s activity highlights a dangerous escalation in cyber-physical attacks targeting critical infrastructure.