Building Control System WhisperGate Attack



By Fred Gordy, Director of Cybersecurity at Intelligent Buildings, LLC, (CS)²AI Fellow

March, 2022



I have periodically monitored several Russian-aligned ransomware groups’ dark websites, primarily focusing on Conti. If you are not familiar, Conti is by far the most successful ransomware group in operation today, routinely pulling in multi-million-dollar payments from victim organizations, and they publicly announced their support for Russia when it invaded Ukraine. They are not the only ransomware group to announce support for Russia. Others include UNC1151, Zatoichi, Killnet, Stormous Ransomware, Digital Cobra Gang (DCG), Freecivillian, SandWorm, The Red Bandits, and Coomingproject.

I have noticed an upward spike in U.S. companies showing up on Conti’s site. As recently as today, March 24th, 2022, a U.S.-based mechanical engineering and construction firm that, according to its website, is a leader in the Washington, D.C. market appeared there. Its website says it works on complex commercial, government, and institutional design-build projects. Two days ago, a U.S.-based cancer diagnostics laboratory was ransomed. Data is up for sale for both these companies and others, and they have been locked out of their systems.


These two examples are centered around data, but the building controls community is not exempt. We recently were able to stop an attack on several building systems from what we believe to be Russia. WhisperGate malware was found and contained before it could do any damage. WhisperGate is a sophisticated malware known for targeting multiple organizations in Ukraine. It has two stages that corrupt a system’s master boot record, display a fake ransomware note, and encrypt files based on certain file extensions.





2 Comments


jamsmith8965
4 days ago

This was a very well-explained and insightful article that left a strong impression. I appreciated how the author simplified important ideas and made them easy to follow. It shows how reflection and understanding go hand in hand in the learning process. As a CIPD student, I often look for content like this to stay motivated. When assignments become overwhelming, many learners consider CIPD Assignment Help to better manage their academic responsibilities. Posts like this encourage confidence, curiosity, and a balanced approach to studies.

I found this piece quite thought-provoking, especially the way it breaks down how the WhisperGate attack wasn’t just a typical ransomware incident but more of a wiper disguised to mislead defenders. That detail really stood out because it highlights how attackers are evolving their tactics beyond straightforward financial motives. It also made me think about how many organisations might still rely on assumptions when responding to incidents, rather than digging deeper into intent.

The discussion around control systems being indirectly affected was interesting too—it’s easy to overlook those connections. It reminded me of a conversation I once had while researching something unrelated with New Assignment Help service in Australia, where the importance of context in analysis came up. Overall, this…
