Comment on COSMICENERGY : Scott Caveza, Staff Research Engineer, Tenable

“The Mandiant discovery of a new OT malware, COSMICENERGY, exemplifies the concerns of securing critical infrastructure. Based on the analysis, if this malware is attributed to a red team and not a nation-state threat actor, offensive capabilities may be accelerating at a dangerous rate. OT devices are typically insecure by design and motivated attackers could wreak havoc and cause long-lasting damage as techniques and attacks are distributed into widely shared and used toolkits.

“The announcement of this new malware variant is timely as on May 25, a joint cybersecurity advisory AA23-144a was released warning of a People’s Republic of China (PRC) threat actor attacking critical infrastructure in the U.S and Guam. As this new malware variant shows, the threat of nation-state actors and non-affiliated hacking groups is a global concern. Securing critical infrastructure against cyber threats should be one of the top priorities for individuals, contractors, and manufacturers alike as the consequences of an attack can be catastrophic.” — Scott Caveza, Staff Research Engineer, Tenable