{"id":44637,"date":"2022-03-01T10:17:48","date_gmt":"2022-03-01T02:17:48","guid":{"rendered":"https:\/\/version-2.com.sg\/?p=44419"},"modified":"2022-03-16T11:25:27","modified_gmt":"2022-03-16T03:25:27","slug":"the-russia-ukraine-conflict-from-an-industrial-cybersecurity-perspective","status":"publish","type":"post","link":"https:\/\/version-2.com\/zh\/2022\/03\/the-russia-ukraine-conflict-from-an-industrial-cybersecurity-perspective\/","title":{"rendered":"The Russia-Ukraine Conflict from an Industrial Cybersecurity Perspective"},"content":{"rendered":"\t\t<div data-elementor-type=\"wp-post\" data-elementor-id=\"44637\" class=\"elementor elementor-44637\">\n\t\t\t\t\t\t<section class=\"elementor-section elementor-top-section elementor-element elementor-element-a9966c4 post-content elementor-section-boxed elementor-section-height-default elementor-section-height-default\" data-id=\"a9966c4\" data-element_type=\"section\" data-e-type=\"section\" data-settings=\"{&quot;jet_parallax_layout_list&quot;:[{&quot;jet_parallax_layout_image&quot;:{&quot;url&quot;:&quot;&quot;,&quot;id&quot;:&quot;&quot;,&quot;size&quot;:&quot;&quot;},&quot;_id&quot;:&quot;437ef7f&quot;,&quot;jet_parallax_layout_image_tablet&quot;:{&quot;url&quot;:&quot;&quot;,&quot;id&quot;:&quot;&quot;,&quot;size&quot;:&quot;&quot;},&quot;jet_parallax_layout_image_mobile&quot;:{&quot;url&quot;:&quot;&quot;,&quot;id&quot;:&quot;&quot;,&quot;size&quot;:&quot;&quot;},&quot;jet_parallax_layout_speed&quot;:{&quot;unit&quot;:&quot;%&quot;,&quot;size&quot;:50,&quot;sizes&quot;:[]},&quot;jet_parallax_layout_type&quot;:&quot;scroll&quot;,&quot;jet_parallax_layout_direction&quot;:&quot;1&quot;,&quot;jet_parallax_layout_fx_direction&quot;:null,&quot;jet_parallax_layout_z_index&quot;:&quot;&quot;,&quot;jet_parallax_layout_bg_x&quot;:50,&quot;jet_parallax_layout_bg_x_tablet&quot;:&quot;&quot;,&quot;jet_parallax_layout_bg_x_mobile&quot;:&quot;&quot;,&quot;jet_parallax_layout_bg_y&quot;:50,&quot;jet_parallax_layout_bg_y_tablet&quot;:&quot;&quot;,&quot;jet_parallax_layout_bg_y_mobile&quot;:&quot;&quot;,&quot;jet_parallax_layout_bg_size&quot;:&quot;auto&quot;,&quot;jet_parallax_layout_bg_size_tablet&quot;:&quot;&quot;,&quot;jet_parallax_layout_bg_size_mobile&quot;:&quot;&quot;,&quot;jet_parallax_layout_animation_prop&quot;:&quot;transform&quot;,&quot;jet_parallax_layout_on&quot;:[&quot;desktop&quot;,&quot;tablet&quot;]}]}\">\n\t\t\t\t\t\t<div class=\"elementor-container elementor-column-gap-default\">\n\t\t\t\t\t<div class=\"elementor-column elementor-col-100 elementor-top-column elementor-element elementor-element-2884b38\" data-id=\"2884b38\" data-element_type=\"column\" data-e-type=\"column\">\n\t\t\t<div class=\"elementor-widget-wrap elementor-element-populated\">\n\t\t\t\t\t\t<div class=\"elementor-element elementor-element-980bf1e elementor-widget elementor-widget-text-editor\" data-id=\"980bf1e\" data-element_type=\"widget\" data-e-type=\"widget\" data-widget_type=\"text-editor.default\">\n\t\t\t\t<div class=\"elementor-widget-container\">\n\t\t\t\t\t\t\t\t\t\n<p align=\"center\"><img decoding=\"async\" src=\"https:\/\/blog.scadafence.com\/hubfs\/The%20Russia-Ukraine%20Conflict.png\" width=\"958\" height=\"auto\" alt=\"\" > <\/p>\n\n<p>In recent weeks, Ukraine has been hit with numerous cyberattacks targeting its government and banking sector as a part of the Russo-Ukrainian crisis. Several Ukrainian government departments and banks were knocked offline by a DDoS attack, and multiple wiper malwares have been observed targeting Ukrainian organizations.<\/p>\n<p>For its part, Russia claimed it has never conducted and does not conduct any malicious operations in cyberspace.<\/p>\n<p>These attacks resulted in fear of a wider cyber conflict, with western governments bracing for Russian cyberthreats and considering their response.<\/p>\n\n<h2 style=\"font-size: 24px;\">The Russia-Ukraine Cyber Conflict<\/h2>\n<p>In January, about 70 government websites were taken offline by a DDoS attack. Shortly after, a destructive malware infected government, non-profit, and IT organization devices in Ukraine. This malware, dubbed <a href=\"https:\/\/www.cisa.gov\/uscert\/ncas\/alerts\/aa22-057a\" rel=\"noopener\" target=\"_blank\"><span>WhisperGate<\/span><\/a>, was designed to look like ransomware, but lacks a recovery feature, indicating that their goal was to destroy files rather than to encrypt them for ransom.<\/p>\n<p>Hours prior to the beginning of the Russian invasion of Ukraine, a new wiper malware was discovered. This attack leveraged at least three components: <a href=\"https:\/\/blog.malwarebytes.com\/threat-intelligence\/2022\/03\/hermeticwiper-a-detailed-analysis-of-the-destructive-malware-that-targeted-ukraine\/\" rel=\"noopener nofollow\" target=\"_blank\"><span>HermeticWiper<\/span><\/a> for data wiping, HermeticWizard for spreading in the network, and HermeticRansom acting as a decoy ransomware. HermeticWiper was seen conducting malicious activity as early as November 2021, indicating that the attack was prepared months in advance.&nbsp;<\/p>\n<p>As the invasion began, the second wiper malware, <a href=\"https:\/\/www.computerweekly.com\/news\/252514012\/ESET-details-new-IsaacWiper-malware-used-on-Ukraine\" rel=\"noopener nofollow\" target=\"_blank\"><span>IsaacWiper<\/span><\/a>, surfaced. IsaacWiper and HermeticWiper have no code similarities, the former is less sophisticated than the latter.<\/p>\n<p>While it cannot be confirmed whether Russia is behind these attacks, it is believed they are part of Russia\u2019s \u201chybrid warfare\u201d, which consists of a combination of conventional and advanced methods.<\/p>\n<p>Ukraine\u2019s cyber activity has not been solely defensive, with the Ukrainian government forming an \u201cIT Army\u201d. Since the crisis began, several Russian government and media websites have been intermittently offline. Some of these attacks were carried out by the Anonymous hacktivist movement, which has pledged allegiance to Ukraine. The group and its affiliates also claimed to have compromised the Russian Nuclear Institute and the Control Center of the Russian Space Agency \u2018Roscosmos\u2019.<\/p>\n\n<h2 style=\"font-size: 24px;\">Russian APT Groups and Known Attacks<\/h2>\n<p>There are a number of APT groups affiliated with Russian organizations:<\/p>\n<p><span style=\"text-decoration: underline;\">APT28<\/span><\/p>\n<ul>\n<li aria-level=\"1\"><strong>Attribution<\/strong>: Russia\u2019s General Staff Main Intelligence Directorate (GRU)<\/li>\n<li aria-level=\"1\"><strong>Active since<\/strong>: 2004<\/li>\n<li aria-level=\"1\"><strong>Targets<\/strong>: The defense and energy sectors and government organizations<\/li>\n<li aria-level=\"1\"><strong>Associated attacks<\/strong>: The Hillary Clinton campaign, the Democratic National Committee, and the Democratic Congressional Campaign Committee in 2016<\/li>\n<li aria-level=\"1\"><strong>Tools used<\/strong>: Koadic, Mimikatz, Net, Responder, Tor, USBStealer, Zebrocy<\/li>\n<\/ul>\n<p><span style=\"text-decoration: underline;\">APT29<\/span><\/p>\n<ul>\n<li aria-level=\"1\"><strong>Attribution<\/strong>: Russia&#8217;s Foreign Intelligence Service (SVR)<\/li>\n<li aria-level=\"1\"><strong>Active since<\/strong>: 2008<\/li>\n<li aria-level=\"1\"><strong>Targets<\/strong>: Government networks in Europe and NATO member countries, research institutes, and think tanks<\/li>\n<li aria-level=\"1\"><strong>Associated attacks<\/strong>: The SolarWinds supply chain compromise cyber operation was attributed to the SVR, public statements included citations to APT29<\/li>\n<li aria-level=\"1\"><strong>Tools used<\/strong>: Mimikatz, Net, Cobalt Strike, PsExec, CosmicDuke, FatDuke, GeminiDuke, PowerDuke, SeaDuke, SUNBURST<\/li>\n<\/ul>\n<p><span style=\"text-decoration: underline;\">Sandworm Team<\/span><\/p>\n<ul>\n<li aria-level=\"1\"><strong>Attribution<\/strong>: Russia\u2019s General Staff Main Intelligence Directorate (GRU)<\/li>\n<li aria-level=\"1\"><strong>Active since<\/strong>: 2009<\/li>\n<li aria-level=\"1\"><strong>Targets<\/strong>: Ukrainian electrical companies and government organizations, Georgia<\/li>\n<li aria-level=\"1\"><strong>Associated attacks<\/strong>: The 2015 and 2016 attacks against Ukrainian electrical companies and government organizations, the NotPetya attack, the 2018 Olympic Destroyer attack, and attacks against Georgia in 2018 and 2019<\/li>\n<li aria-level=\"1\"><strong>Tools used<\/strong>: Mimikatz, Net, PsExec, BlackEnergy, Industroyer, NotPetya, KillDesk<\/li>\n<\/ul>\n<p><span style=\"text-decoration: underline;\">Wizard Spider<\/span><\/p>\n<ul>\n<li aria-level=\"1\"><strong>Attribution<\/strong>: Russia-based financially motivated threat group<\/li>\n<li aria-level=\"1\"><strong>Active since<\/strong>: 2016<\/li>\n<li aria-level=\"1\"><strong>Targets<\/strong>: The group has conducted ransomware campaigns against a variety of organizations, ranging from major corporations to hospitals<\/li>\n<li aria-level=\"1\"><strong>Associated attacks<\/strong>: The group is originally known for the creation and deployment of TrickBot<\/li>\n<li aria-level=\"1\"><strong>Tools used<\/strong>: Mimikatz, Net, Cobalt Strike, PsExec, Empire, Bazar, Conti, Dyre, Emotet, GrimAgent, Ryuk, TrickBot<\/li>\n<\/ul>\n<p><span style=\"text-decoration: underline;\">Dragonfly 2.0<\/span><\/p>\n<ul>\n<li aria-level=\"1\"><strong>Attribution<\/strong>: A suspected Russian threat group<\/li>\n<li aria-level=\"1\"><strong>Active since<\/strong>: 2015<\/li>\n<li aria-level=\"1\"><strong>Targets<\/strong>: Government entities and multiple U.S. critical infrastructure sectors and parts of the energy sector within Turkey and Switzerland<\/li>\n<li aria-level=\"1\"><strong>Associated attacks<\/strong>:&nbsp;<\/li>\n<li aria-level=\"1\"><strong>Tools used<\/strong>: Net, PsExec, Reg, CrackMapExec, Impacket<\/li>\n<\/ul>\n<p>Additional Russian APT groups include ALLANITE, Indrik Spider, Nomadic Octopus, TEMP.Veles, and Turla.<\/p>\n\n<h2 style=\"font-size: 24px;\">Tools and Vulnerabilities<\/h2>\n<p>These APT groups use various tools and malwares in their attacks, ranging from commercial, open-source software, to custom software designed for malicious purposes.<\/p>\n<p><span style=\"text-decoration: underline;\">Tools:<\/span><\/p>\n<ol>\n<li aria-level=\"1\"><strong>Mimikatz <\/strong>\u2013 Mimikatz is a credential dumper capable of obtaining plaintext Windows account logins and passwords.<\/li>\n<li aria-level=\"1\"><strong>Net <\/strong>\u2013 The Net utility is a component of the Windows operating system, which can be useful for an adversary, such as gathering system and network information for discovery, moving laterally through SMB\/Windows admin shares, and interacting with services.<\/li>\n<li aria-level=\"1\"><strong>Cobalt Strike<\/strong> \u2013 Cobalt Strike is an adversary simulation software designed to execute targeted attacks and emulate the post-exploitation actions of advanced threat actors.<\/li>\n<li aria-level=\"1\"><strong>PsExec <\/strong>\u2013 PsExec is a tool that can be used to execute a program on another computer. It is used by IT administrators and attackers.<\/li>\n<li aria-level=\"1\"><strong>Empire <\/strong>\u2013 Empire is a post-exploitation tool which was one of five tools singled out by a joint report on public hacking tools being widely used by adversaries.<\/li>\n<\/ol>\n<p><span style=\"text-decoration: underline;\">ICS Malwares:<\/span><\/p>\n<ol>\n<li aria-level=\"1\"><strong>BlackEnergy <\/strong>\u2013 BlackEnergy is a malware toolkit that was originally designed to create botnets for use in conducting DDoS attacks. It is well known for being used during the confrontation between Georgia and Russia in 2008, as well as in targeting Ukrainian institutions.<\/li>\n<li aria-level=\"1\"><strong>Industroyer <\/strong>\u2013 Industroyer is a sophisticated malware framework designed to impact the working processes of industrial control systems (ICS), specifically components used in electrical substations. It was used in the attacks on the Ukrainian power grid in December 2016.<br><br><\/li>\n<\/ol>\n<p><span style=\"text-decoration: underline;\">Additional Malwares and Ransomwares:<\/span><\/p>\n<ol>\n<li aria-level=\"1\"><strong>NotPetya <\/strong>\u2013 While NotPetya appears as a form of ransomware, its main purpose was to destroy data and disk structures on compromised systems. It contains worm-like features to spread itself across a computer network using the SMBv1 exploits EternalBlue and EternalRomance.<\/li>\n<li aria-level=\"1\"><strong>Bazar <\/strong>\u2013 Bazar is a downloader and backdoor with infections primarily against professional services, healthcare, manufacturing, IT, logistics and travel companies across the US and Europe.<\/li>\n<li aria-level=\"1\"><strong>Conti <\/strong>\u2013 Conti is a ransomware-as-a-service that has been used against major corporations and government agencies, particularly those in North America.<\/li>\n<li aria-level=\"1\"><strong>Emotet <\/strong>\u2013 Emotet is a modular malware variant used as a downloader for other malwares such as TrickBot. It has been primarily used to target the banking sector.<\/li>\n<li aria-level=\"1\"><strong>Ryuk <\/strong>\u2013 Ryuk is a ransomware designed to target enterprise environments.<\/li>\n<li aria-level=\"1\"><strong>TrickBot <\/strong>\u2013 <a href=\"https:\/\/attack.mitre.org\/software\/S0266\" rel=\"noopener nofollow\" target=\"_blank\"><span>TrickBot<\/span><\/a> is a Trojan spyware program used for targeting banking sites in North America, Australia, and throughout Europe; it has since been used against all sectors worldwide as part of &#8220;big game hunting&#8221; ransomware campaigns.<br><br><\/li>\n<\/ol>\n<h2 style=\"font-size: 24px;\">How SCADAfence Helps Industrial Organizations<\/h2>\n<p>We provide a comprehensive solution &#8211; <a href=\"https:\/\/www.scadafence.com\/platform\/\" rel=\"noopener\" target=\"_blank\"><span>The SCADAfence platform<\/span><\/a> which was built to protect industrial organizations like yours from industrial cyber attacks (including <a href=\"\/how-you-should-prevent-ransomware-attacks-on-your-industrial-networks\" rel=\"noopener\" target=\"_blank\"><span>ransomware<\/span><\/a>). It also helps you implement better security practices amongst its built-in features. Some of these include:<\/p>\n<ul>\n<li aria-level=\"1\">Asset Management&nbsp;<\/li>\n<li aria-level=\"1\">Network Maps<\/li>\n<li aria-level=\"1\">Traffic Analyzers<\/li>\n<\/ul>\n<p>The platform, which is also the<a href=\"https:\/\/www.scadafence.com\/customers-give-scadafence-networks-top-score\/\" rel=\"noopener\" target=\"_blank\"><span> highest-rated OT &amp; IoT security platform<\/span><\/a>, also monitors the network traffic for any threats, including ones that are found in typical ransomware attacks; such as:<\/p>\n<ul>\n<li aria-level=\"1\">Security exploits being sent across the network.<\/li>\n<li aria-level=\"1\">Lateral movement attempts using the latest techniques.<\/li>\n<li aria-level=\"1\">Network scanning and network reconnaissance.<br><br><\/li>\n<\/ul>\n<p>SCADAfence&#8217;s security research team is constantly tracking events and incidents, analyzing them, and implementing different ways to detect those events.<\/p>\n<ul>\n<li aria-level=\"1\">The <a href=\"https:\/\/www.scadafence.com\/\" rel=\"noopener\" target=\"_blank\">SCADAfence<\/a> Platform detects the use of WMI and SMB, used by HermeticWizard for spreading across the network.<\/li>\n<li aria-level=\"1\">The Platform also detects various tools and vulnerabilities used by Russian APTs, attacks and malware such as: EternalBlue &amp; EternalRomance, BlueKeep, Metasploit, Cobalt-Strike, Remote Services, Remote Scheduled Tasks, OS Credential Dumping (Mimikatz), BITSAdmin and SMB brute-force.<\/li>\n<li aria-level=\"1\">The Platform provides an up to date reputation service to track malicious files, IPs and domains associated with Russian APTs and malware.<\/li>\n<\/ul>\n\n<h2 style=\"font-size: 24px;\">Recommendations &amp; Best Practices<\/h2>\n<p>SCADAfence team recommends following the best practices:<\/p>\n<ul>\n<li aria-level=\"1\"><span style=\"color: #222222;\">Make sure secure offline backups of critical systems are available and up-to-date.<\/span><\/li>\n<li aria-level=\"1\"><span style=\"color: #222222;\">Apply the latest security patches on the assets in the network.<\/span><\/li>\n<li aria-level=\"1\"><span style=\"color: #222222;\">Use unique passwords and multi-factor authentication on authentication paths to OT assets.<\/span><\/li>\n<li style=\"color: #333333;\" aria-level=\"1\"><span style=\"color: #222222;\">Enable strong spam filters to prevent phishing emails from reaching end users.<\/span><\/li>\n<li style=\"color: #333333;\" aria-level=\"1\"><span style=\"color: #222222;\">Disable ports and protocols that are not essential.<\/span><\/li>\n<li aria-level=\"1\"><span style=\"color: #222222;\">Encrypt sensitive data when possible.<\/span><\/li>\n<li aria-level=\"1\"><span style=\"color: #222222;\">Educate staff about the risks and methods of ransomware attacks and how to avoid infection.<\/span><\/li>\n<li aria-level=\"1\"><strong><span style=\"color: #222222;\">Recommendation for HermeticWizard<\/span><\/strong><span style=\"color: #222222;\">: Monitor traffic on the ports HermeticWizard uses to worm through networks \u2013 ports 20, 21, 80, 135, 137, 139, 443, and 445.<\/span><\/li>\n<li aria-level=\"1\"><strong><span style=\"color: #222222;\">Recommendation for HermeticRansom<\/span><\/strong><span style=\"color: #222222;\">: Consider using the Go script in the following <\/span><a href=\"https:\/\/www.crowdstrike.com\/blog\/how-to-decrypt-the-partyticket-ransomware-targeting-ukraine\/\" style=\"color: #4f7cac;\" rel=\"nofollow noopener\" target=\"_blank\"><span>link<\/span> <\/a><span style=\"color: #222222;\">for decryption purposes.<\/span><\/li>\n<\/ul><\/span>\t\t\t\t\t\t\t\t<\/div>\n\t\t\t\t<\/div>\n\t\t\t\t<div class=\"elementor-element elementor-element-5987d9c elementor-widget elementor-widget-shortcode\" data-id=\"5987d9c\" data-element_type=\"widget\" data-e-type=\"widget\" data-widget_type=\"shortcode.default\">\n\t\t\t\t<div class=\"elementor-widget-container\">\n\t\t\t\t\t\t\t<div class=\"elementor-shortcode\">\t\t<div data-elementor-type=\"page\" data-elementor-id=\"18103\" class=\"elementor elementor-18103\">\n\t\t\t\t\t\t<section class=\"elementor-section elementor-top-section elementor-element elementor-element-748947f elementor-section-full_width elementor-section-height-default elementor-section-height-default\" data-id=\"748947f\" data-element_type=\"section\" data-e-type=\"section\" data-settings=\"{&quot;jet_parallax_layout_list&quot;:[{&quot;jet_parallax_layout_image&quot;:{&quot;url&quot;:&quot;&quot;,&quot;id&quot;:&quot;&quot;,&quot;size&quot;:&quot;&quot;},&quot;_id&quot;:&quot;c4f773e&quot;,&quot;jet_parallax_layout_image_tablet&quot;:{&quot;url&quot;:&quot;&quot;,&quot;id&quot;:&quot;&quot;,&quot;size&quot;:&quot;&quot;},&quot;jet_parallax_layout_image_mobile&quot;:{&quot;url&quot;:&quot;&quot;,&quot;id&quot;:&quot;&quot;,&quot;size&quot;:&quot;&quot;},&quot;jet_parallax_layout_speed&quot;:{&quot;unit&quot;:&quot;%&quot;,&quot;size&quot;:50,&quot;sizes&quot;:[]},&quot;jet_parallax_layout_type&quot;:&quot;scroll&quot;,&quot;jet_parallax_layout_direction&quot;:&quot;1&quot;,&quot;jet_parallax_layout_fx_direction&quot;:null,&quot;jet_parallax_layout_z_index&quot;:&quot;&quot;,&quot;jet_parallax_layout_bg_x&quot;:50,&quot;jet_parallax_layout_bg_x_tablet&quot;:&quot;&quot;,&quot;jet_parallax_layout_bg_x_mobile&quot;:&quot;&quot;,&quot;jet_parallax_layout_bg_y&quot;:50,&quot;jet_parallax_layout_bg_y_tablet&quot;:&quot;&quot;,&quot;jet_parallax_layout_bg_y_mobile&quot;:&quot;&quot;,&quot;jet_parallax_layout_bg_size&quot;:&quot;auto&quot;,&quot;jet_parallax_layout_bg_size_tablet&quot;:&quot;&quot;,&quot;jet_parallax_layout_bg_size_mobile&quot;:&quot;&quot;,&quot;jet_parallax_layout_animation_prop&quot;:&quot;transform&quot;,&quot;jet_parallax_layout_on&quot;:[&quot;desktop&quot;,&quot;tablet&quot;]}]}\">\n\t\t\t\t\t\t<div class=\"elementor-container elementor-column-gap-default\">\n\t\t\t\t\t<div class=\"elementor-column elementor-col-100 elementor-top-column elementor-element elementor-element-7995c19\" data-id=\"7995c19\" data-element_type=\"column\" data-e-type=\"column\">\n\t\t\t<div class=\"elementor-widget-wrap elementor-element-populated\">\n\t\t\t\t\t\t<div class=\"elementor-element elementor-element-a437045 elementor-widget elementor-widget-image-box\" data-id=\"a437045\" data-element_type=\"widget\" data-e-type=\"widget\" data-widget_type=\"image-box.default\">\n\t\t\t\t<div class=\"elementor-widget-container\">\n\t\t\t\t\t<div class=\"elementor-image-box-wrapper\"><div class=\"elementor-image-box-content\"><h3 class=\"elementor-image-box-title\">About Version 2 Digital<\/h3><p class=\"elementor-image-box-description\">Version 2 Digital is one of the most dynamic IT companies in Asia. The company distributes a wide range of IT products across various areas including cyber security, cloud, data protection, end points, infrastructures, system monitoring, storage, networking, business productivity and communication products.\n<br><br>\nThrough an extensive network of channels, point of sales, resellers, and partnership companies, Version 2 offers quality products and services which are highly acclaimed in the market. Its customers cover a wide spectrum which include Global 1000 enterprises, regional listed companies, different vertical industries, public utilities, Government, a vast number of successful SMEs, and consumers in various Asian cities.<\/p><\/div><\/div>\t\t\t\t<\/div>\n\t\t\t\t<\/div>\n\t\t\t\t\t<\/div>\n\t\t<\/div>\n\t\t\t\t\t<\/div>\n\t\t<\/section>\n\t\t\t\t<\/div>\n\t\t\n\t\t<div data-elementor-type=\"page\" data-elementor-id=\"18130\" class=\"elementor elementor-18130\">\n\t\t\t\t\t\t<section class=\"elementor-section elementor-top-section elementor-element elementor-element-748947f elementor-section-full_width elementor-section-height-default elementor-section-height-default\" data-id=\"748947f\" data-element_type=\"section\" data-e-type=\"section\" data-settings=\"{&quot;jet_parallax_layout_list&quot;:[{&quot;jet_parallax_layout_image&quot;:{&quot;url&quot;:&quot;&quot;,&quot;id&quot;:&quot;&quot;,&quot;size&quot;:&quot;&quot;},&quot;_id&quot;:&quot;c4f773e&quot;,&quot;jet_parallax_layout_image_tablet&quot;:{&quot;url&quot;:&quot;&quot;,&quot;id&quot;:&quot;&quot;,&quot;size&quot;:&quot;&quot;},&quot;jet_parallax_layout_image_mobile&quot;:{&quot;url&quot;:&quot;&quot;,&quot;id&quot;:&quot;&quot;,&quot;size&quot;:&quot;&quot;},&quot;jet_parallax_layout_speed&quot;:{&quot;unit&quot;:&quot;%&quot;,&quot;size&quot;:50,&quot;sizes&quot;:[]},&quot;jet_parallax_layout_type&quot;:&quot;scroll&quot;,&quot;jet_parallax_layout_direction&quot;:&quot;1&quot;,&quot;jet_parallax_layout_fx_direction&quot;:null,&quot;jet_parallax_layout_z_index&quot;:&quot;&quot;,&quot;jet_parallax_layout_bg_x&quot;:50,&quot;jet_parallax_layout_bg_y&quot;:50,&quot;jet_parallax_layout_bg_size&quot;:&quot;auto&quot;,&quot;jet_parallax_layout_animation_prop&quot;:&quot;transform&quot;,&quot;jet_parallax_layout_on&quot;:[&quot;desktop&quot;,&quot;tablet&quot;],&quot;jet_parallax_layout_bg_x_tablet&quot;:&quot;&quot;,&quot;jet_parallax_layout_bg_x_mobile&quot;:&quot;&quot;,&quot;jet_parallax_layout_bg_y_tablet&quot;:&quot;&quot;,&quot;jet_parallax_layout_bg_y_mobile&quot;:&quot;&quot;,&quot;jet_parallax_layout_bg_size_tablet&quot;:&quot;&quot;,&quot;jet_parallax_layout_bg_size_mobile&quot;:&quot;&quot;}]}\">\n\t\t\t\t\t\t<div class=\"elementor-container elementor-column-gap-default\">\n\t\t\t\t\t<div class=\"elementor-column elementor-col-100 elementor-top-column elementor-element elementor-element-7995c19\" data-id=\"7995c19\" data-element_type=\"column\" data-e-type=\"column\">\n\t\t\t<div class=\"elementor-widget-wrap elementor-element-populated\">\n\t\t\t\t\t\t<div class=\"elementor-element elementor-element-ff2a228 elementor-widget elementor-widget-text-editor\" data-id=\"ff2a228\" data-element_type=\"widget\" data-e-type=\"widget\" data-widget_type=\"text-editor.default\">\n\t\t\t\t<div class=\"elementor-widget-container\">\n\t\t\t\t\t\t\t\t\t<p><\/p>\n<p><strong>About SCADAfence<\/strong><br \/>SCADAfence helps companies with large-scale operational technology (OT) networks embrace the benefits of industrial IoT by reducing cyber risks and mitigating operational threats. Our non-intrusive platform provides full coverage of large-scale networks, offering best-in-class detection accuracy, asset discovery and user experience. The platform seamlessly integrates OT security within existing security operations, bridging the IT\/OT convergence gap. SCADAfence secures OT networks in manufacturing, building management and critical infrastructure industries. We deliver security and visibility for some of world\u2019s most complex OT networks, including Europe\u2019s largest manufacturing facility. With SCADAfence, companies can operate securely, reliably and efficiently as they go through the digital transformation journey.<\/p>\t\t\t\t\t\t\t\t<\/div>\n\t\t\t\t<\/div>\n\t\t\t\t\t<\/div>\n\t\t<\/div>\n\t\t\t\t\t<\/div>\n\t\t<\/section>\n\t\t\t\t<\/div>\n\t\t<\/div>\n\t\t\t\t\t\t<\/div>\n\t\t\t\t<\/div>\n\t\t\t\t\t<\/div>\n\t\t<\/div>\n\t\t\t\t\t<\/div>\n\t\t<\/section>\n\t\t\t\t<\/div>\n\t\t","protected":false},"excerpt":{"rendered":"<p>In recent weeks, Ukraine has been hit with numerous cyb [&hellip;]<\/p>\n","protected":false},"author":143524195,"featured_media":0,"comment_status":"closed","ping_status":"closed","sticky":false,"template":"","format":"standard","meta":{"_acf_changed":false,"_jetpack_memberships_contains_paid_content":false,"footnotes":""},"categories":[417,488,61],"tags":[418,489],"class_list":["post-44637","post","type-post","status-publish","format-standard","hentry","category-scadafence","category-488","category-press-release","tag-scadafence","tag-489"],"acf":[],"yoast_head":"<!-- This site is optimized with the Yoast SEO plugin v27.5 - https:\/\/yoast.com\/product\/yoast-seo-wordpress\/ -->\n<title>The Russia-Ukraine Conflict from an Industrial Cybersecurity Perspective - Version 2<\/title>\n<meta name=\"robots\" content=\"index, follow, max-snippet:-1, max-image-preview:large, max-video-preview:-1\" \/>\n<link rel=\"canonical\" href=\"https:\/\/blog.scadafence.com\/the-russia-ukraine-conflict-from-an-industrial-cybersecurity-perspective\" \/>\n<meta property=\"og:locale\" content=\"zh_HK\" \/>\n<meta property=\"og:type\" content=\"article\" \/>\n<meta property=\"og:title\" content=\"The Russia-Ukraine Conflict from an Industrial Cybersecurity Perspective - Version 2\" \/>\n<meta property=\"og:description\" content=\"In recent weeks, Ukraine has been hit with numerous cyb [&hellip;]\" \/>\n<meta property=\"og:url\" content=\"https:\/\/blog.scadafence.com\/the-russia-ukraine-conflict-from-an-industrial-cybersecurity-perspective\" \/>\n<meta property=\"og:site_name\" content=\"Version 2\" \/>\n<meta property=\"article:published_time\" content=\"2022-03-01T02:17:48+00:00\" \/>\n<meta property=\"article:modified_time\" content=\"2022-03-16T03:25:27+00:00\" \/>\n<meta property=\"og:image\" content=\"https:\/\/blog.scadafence.com\/hubfs\/The%20Russia-Ukraine%20Conflict.png\" \/>\n<meta name=\"author\" content=\"version2hk\" \/>\n<meta name=\"twitter:card\" content=\"summary_large_image\" \/>\n<meta name=\"twitter:label1\" content=\"\u4f5c\u8005\" \/>\n\t<meta name=\"twitter:data1\" content=\"version2hk\" \/>\n\t<meta name=\"twitter:label2\" content=\"\u9810\u8a08\u95b1\u8b80\u6642\u9593\" \/>\n\t<meta name=\"twitter:data2\" content=\"8 \u5206\u9418\" \/>\n<script type=\"application\/ld+json\" class=\"yoast-schema-graph\">{\"@context\":\"https:\\\/\\\/schema.org\",\"@graph\":[{\"@type\":\"Article\",\"@id\":\"https:\\\/\\\/blog.scadafence.com\\\/the-russia-ukraine-conflict-from-an-industrial-cybersecurity-perspective#article\",\"isPartOf\":{\"@id\":\"https:\\\/\\\/version-2.com\\\/2022\\\/03\\\/the-russia-ukraine-conflict-from-an-industrial-cybersecurity-perspective\\\/\"},\"author\":{\"name\":\"version2hk\",\"@id\":\"https:\\\/\\\/version-2.com\\\/zh\\\/#\\\/schema\\\/person\\\/d14d2d3cd77ffdb618b9f1330fe084db\"},\"headline\":\"The Russia-Ukraine Conflict from an Industrial Cybersecurity Perspective\",\"datePublished\":\"2022-03-01T02:17:48+00:00\",\"dateModified\":\"2022-03-16T03:25:27+00:00\",\"mainEntityOfPage\":{\"@id\":\"https:\\\/\\\/version-2.com\\\/2022\\\/03\\\/the-russia-ukraine-conflict-from-an-industrial-cybersecurity-perspective\\\/\"},\"wordCount\":1347,\"publisher\":{\"@id\":\"https:\\\/\\\/version-2.com\\\/zh\\\/#organization\"},\"image\":{\"@id\":\"https:\\\/\\\/blog.scadafence.com\\\/the-russia-ukraine-conflict-from-an-industrial-cybersecurity-perspective#primaryimage\"},\"thumbnailUrl\":\"https:\\\/\\\/blog.scadafence.com\\\/hubfs\\\/The%20Russia-Ukraine%20Conflict.png\",\"keywords\":[\"SCADAfence\",\"2022\"],\"articleSection\":[\"SCADAfence\",\"2022\",\"Press Release\"],\"inLanguage\":\"zh-HK\"},{\"@type\":\"WebPage\",\"@id\":\"https:\\\/\\\/version-2.com\\\/2022\\\/03\\\/the-russia-ukraine-conflict-from-an-industrial-cybersecurity-perspective\\\/\",\"url\":\"https:\\\/\\\/blog.scadafence.com\\\/the-russia-ukraine-conflict-from-an-industrial-cybersecurity-perspective\",\"name\":\"The Russia-Ukraine Conflict from an Industrial Cybersecurity Perspective - Version 2\",\"isPartOf\":{\"@id\":\"https:\\\/\\\/version-2.com\\\/zh\\\/#website\"},\"primaryImageOfPage\":{\"@id\":\"https:\\\/\\\/blog.scadafence.com\\\/the-russia-ukraine-conflict-from-an-industrial-cybersecurity-perspective#primaryimage\"},\"image\":{\"@id\":\"https:\\\/\\\/blog.scadafence.com\\\/the-russia-ukraine-conflict-from-an-industrial-cybersecurity-perspective#primaryimage\"},\"thumbnailUrl\":\"https:\\\/\\\/blog.scadafence.com\\\/hubfs\\\/The%20Russia-Ukraine%20Conflict.png\",\"datePublished\":\"2022-03-01T02:17:48+00:00\",\"dateModified\":\"2022-03-16T03:25:27+00:00\",\"breadcrumb\":{\"@id\":\"https:\\\/\\\/blog.scadafence.com\\\/the-russia-ukraine-conflict-from-an-industrial-cybersecurity-perspective#breadcrumb\"},\"inLanguage\":\"zh-HK\",\"potentialAction\":[{\"@type\":\"ReadAction\",\"target\":[\"https:\\\/\\\/blog.scadafence.com\\\/the-russia-ukraine-conflict-from-an-industrial-cybersecurity-perspective\"]}]},{\"@type\":\"ImageObject\",\"inLanguage\":\"zh-HK\",\"@id\":\"https:\\\/\\\/blog.scadafence.com\\\/the-russia-ukraine-conflict-from-an-industrial-cybersecurity-perspective#primaryimage\",\"url\":\"https:\\\/\\\/blog.scadafence.com\\\/hubfs\\\/The%20Russia-Ukraine%20Conflict.png\",\"contentUrl\":\"https:\\\/\\\/blog.scadafence.com\\\/hubfs\\\/The%20Russia-Ukraine%20Conflict.png\"},{\"@type\":\"BreadcrumbList\",\"@id\":\"https:\\\/\\\/blog.scadafence.com\\\/the-russia-ukraine-conflict-from-an-industrial-cybersecurity-perspective#breadcrumb\",\"itemListElement\":[{\"@type\":\"ListItem\",\"position\":1,\"name\":\"\u9996\u9801\",\"item\":\"https:\\\/\\\/version-2.com\\\/\"},{\"@type\":\"ListItem\",\"position\":2,\"name\":\"The Russia-Ukraine Conflict from an Industrial Cybersecurity Perspective\"}]},{\"@type\":\"WebSite\",\"@id\":\"https:\\\/\\\/version-2.com\\\/zh\\\/#website\",\"url\":\"https:\\\/\\\/version-2.com\\\/zh\\\/\",\"name\":\"Version 2\",\"description\":\"\",\"publisher\":{\"@id\":\"https:\\\/\\\/version-2.com\\\/zh\\\/#organization\"},\"potentialAction\":[{\"@type\":\"SearchAction\",\"target\":{\"@type\":\"EntryPoint\",\"urlTemplate\":\"https:\\\/\\\/version-2.com\\\/zh\\\/?s={search_term_string}\"},\"query-input\":{\"@type\":\"PropertyValueSpecification\",\"valueRequired\":true,\"valueName\":\"search_term_string\"}}],\"inLanguage\":\"zh-HK\"},{\"@type\":\"Organization\",\"@id\":\"https:\\\/\\\/version-2.com\\\/zh\\\/#organization\",\"name\":\"Version 2\",\"url\":\"https:\\\/\\\/version-2.com\\\/zh\\\/\",\"logo\":{\"@type\":\"ImageObject\",\"inLanguage\":\"zh-HK\",\"@id\":\"https:\\\/\\\/version-2.com\\\/zh\\\/#\\\/schema\\\/logo\\\/image\\\/\",\"url\":\"https:\\\/\\\/i0.wp.com\\\/version-2.com\\\/wp-content\\\/uploads\\\/2020\\\/08\\\/v2-hk-hor-4.png?fit=1795%2C335&ssl=1\",\"contentUrl\":\"https:\\\/\\\/i0.wp.com\\\/version-2.com\\\/wp-content\\\/uploads\\\/2020\\\/08\\\/v2-hk-hor-4.png?fit=1795%2C335&ssl=1\",\"width\":1795,\"height\":335,\"caption\":\"Version 2\"},\"image\":{\"@id\":\"https:\\\/\\\/version-2.com\\\/zh\\\/#\\\/schema\\\/logo\\\/image\\\/\"}},{\"@type\":\"Person\",\"@id\":\"https:\\\/\\\/version-2.com\\\/zh\\\/#\\\/schema\\\/person\\\/d14d2d3cd77ffdb618b9f1330fe084db\",\"name\":\"version2hk\",\"image\":{\"@type\":\"ImageObject\",\"inLanguage\":\"zh-HK\",\"@id\":\"https:\\\/\\\/secure.gravatar.com\\\/avatar\\\/d280627252b42d7489de74dd88aa04043a495f25e258575000dc767e287bf94c?s=96&d=identicon&r=g\",\"url\":\"https:\\\/\\\/secure.gravatar.com\\\/avatar\\\/d280627252b42d7489de74dd88aa04043a495f25e258575000dc767e287bf94c?s=96&d=identicon&r=g\",\"contentUrl\":\"https:\\\/\\\/secure.gravatar.com\\\/avatar\\\/d280627252b42d7489de74dd88aa04043a495f25e258575000dc767e287bf94c?s=96&d=identicon&r=g\",\"caption\":\"version2hk\"},\"sameAs\":[\"http:\\\/\\\/version2xfortcom.wordpress.com\"],\"url\":\"https:\\\/\\\/version-2.com\\\/zh\\\/author\\\/version2hk\\\/\"}]}<\/script>\n<!-- \/ Yoast SEO plugin. -->","yoast_head_json":{"title":"The Russia-Ukraine Conflict from an Industrial Cybersecurity Perspective - Version 2","robots":{"index":"index","follow":"follow","max-snippet":"max-snippet:-1","max-image-preview":"max-image-preview:large","max-video-preview":"max-video-preview:-1"},"canonical":"https:\/\/blog.scadafence.com\/the-russia-ukraine-conflict-from-an-industrial-cybersecurity-perspective","og_locale":"zh_HK","og_type":"article","og_title":"The Russia-Ukraine Conflict from an Industrial Cybersecurity Perspective - Version 2","og_description":"In recent weeks, Ukraine has been hit with numerous cyb [&hellip;]","og_url":"https:\/\/blog.scadafence.com\/the-russia-ukraine-conflict-from-an-industrial-cybersecurity-perspective","og_site_name":"Version 2","article_published_time":"2022-03-01T02:17:48+00:00","article_modified_time":"2022-03-16T03:25:27+00:00","og_image":[{"url":"https:\/\/blog.scadafence.com\/hubfs\/The%20Russia-Ukraine%20Conflict.png","type":"","width":"","height":""}],"author":"version2hk","twitter_card":"summary_large_image","twitter_misc":{"\u4f5c\u8005":"version2hk","\u9810\u8a08\u95b1\u8b80\u6642\u9593":"8 \u5206\u9418"},"schema":{"@context":"https:\/\/schema.org","@graph":[{"@type":"Article","@id":"https:\/\/blog.scadafence.com\/the-russia-ukraine-conflict-from-an-industrial-cybersecurity-perspective#article","isPartOf":{"@id":"https:\/\/version-2.com\/2022\/03\/the-russia-ukraine-conflict-from-an-industrial-cybersecurity-perspective\/"},"author":{"name":"version2hk","@id":"https:\/\/version-2.com\/zh\/#\/schema\/person\/d14d2d3cd77ffdb618b9f1330fe084db"},"headline":"The Russia-Ukraine Conflict from an Industrial Cybersecurity Perspective","datePublished":"2022-03-01T02:17:48+00:00","dateModified":"2022-03-16T03:25:27+00:00","mainEntityOfPage":{"@id":"https:\/\/version-2.com\/2022\/03\/the-russia-ukraine-conflict-from-an-industrial-cybersecurity-perspective\/"},"wordCount":1347,"publisher":{"@id":"https:\/\/version-2.com\/zh\/#organization"},"image":{"@id":"https:\/\/blog.scadafence.com\/the-russia-ukraine-conflict-from-an-industrial-cybersecurity-perspective#primaryimage"},"thumbnailUrl":"https:\/\/blog.scadafence.com\/hubfs\/The%20Russia-Ukraine%20Conflict.png","keywords":["SCADAfence","2022"],"articleSection":["SCADAfence","2022","Press Release"],"inLanguage":"zh-HK"},{"@type":"WebPage","@id":"https:\/\/version-2.com\/2022\/03\/the-russia-ukraine-conflict-from-an-industrial-cybersecurity-perspective\/","url":"https:\/\/blog.scadafence.com\/the-russia-ukraine-conflict-from-an-industrial-cybersecurity-perspective","name":"The Russia-Ukraine Conflict from an Industrial Cybersecurity Perspective - Version 2","isPartOf":{"@id":"https:\/\/version-2.com\/zh\/#website"},"primaryImageOfPage":{"@id":"https:\/\/blog.scadafence.com\/the-russia-ukraine-conflict-from-an-industrial-cybersecurity-perspective#primaryimage"},"image":{"@id":"https:\/\/blog.scadafence.com\/the-russia-ukraine-conflict-from-an-industrial-cybersecurity-perspective#primaryimage"},"thumbnailUrl":"https:\/\/blog.scadafence.com\/hubfs\/The%20Russia-Ukraine%20Conflict.png","datePublished":"2022-03-01T02:17:48+00:00","dateModified":"2022-03-16T03:25:27+00:00","breadcrumb":{"@id":"https:\/\/blog.scadafence.com\/the-russia-ukraine-conflict-from-an-industrial-cybersecurity-perspective#breadcrumb"},"inLanguage":"zh-HK","potentialAction":[{"@type":"ReadAction","target":["https:\/\/blog.scadafence.com\/the-russia-ukraine-conflict-from-an-industrial-cybersecurity-perspective"]}]},{"@type":"ImageObject","inLanguage":"zh-HK","@id":"https:\/\/blog.scadafence.com\/the-russia-ukraine-conflict-from-an-industrial-cybersecurity-perspective#primaryimage","url":"https:\/\/blog.scadafence.com\/hubfs\/The%20Russia-Ukraine%20Conflict.png","contentUrl":"https:\/\/blog.scadafence.com\/hubfs\/The%20Russia-Ukraine%20Conflict.png"},{"@type":"BreadcrumbList","@id":"https:\/\/blog.scadafence.com\/the-russia-ukraine-conflict-from-an-industrial-cybersecurity-perspective#breadcrumb","itemListElement":[{"@type":"ListItem","position":1,"name":"\u9996\u9801","item":"https:\/\/version-2.com\/"},{"@type":"ListItem","position":2,"name":"The Russia-Ukraine Conflict from an Industrial Cybersecurity Perspective"}]},{"@type":"WebSite","@id":"https:\/\/version-2.com\/zh\/#website","url":"https:\/\/version-2.com\/zh\/","name":"Version 2","description":"","publisher":{"@id":"https:\/\/version-2.com\/zh\/#organization"},"potentialAction":[{"@type":"SearchAction","target":{"@type":"EntryPoint","urlTemplate":"https:\/\/version-2.com\/zh\/?s={search_term_string}"},"query-input":{"@type":"PropertyValueSpecification","valueRequired":true,"valueName":"search_term_string"}}],"inLanguage":"zh-HK"},{"@type":"Organization","@id":"https:\/\/version-2.com\/zh\/#organization","name":"Version 2","url":"https:\/\/version-2.com\/zh\/","logo":{"@type":"ImageObject","inLanguage":"zh-HK","@id":"https:\/\/version-2.com\/zh\/#\/schema\/logo\/image\/","url":"https:\/\/i0.wp.com\/version-2.com\/wp-content\/uploads\/2020\/08\/v2-hk-hor-4.png?fit=1795%2C335&ssl=1","contentUrl":"https:\/\/i0.wp.com\/version-2.com\/wp-content\/uploads\/2020\/08\/v2-hk-hor-4.png?fit=1795%2C335&ssl=1","width":1795,"height":335,"caption":"Version 2"},"image":{"@id":"https:\/\/version-2.com\/zh\/#\/schema\/logo\/image\/"}},{"@type":"Person","@id":"https:\/\/version-2.com\/zh\/#\/schema\/person\/d14d2d3cd77ffdb618b9f1330fe084db","name":"version2hk","image":{"@type":"ImageObject","inLanguage":"zh-HK","@id":"https:\/\/secure.gravatar.com\/avatar\/d280627252b42d7489de74dd88aa04043a495f25e258575000dc767e287bf94c?s=96&d=identicon&r=g","url":"https:\/\/secure.gravatar.com\/avatar\/d280627252b42d7489de74dd88aa04043a495f25e258575000dc767e287bf94c?s=96&d=identicon&r=g","contentUrl":"https:\/\/secure.gravatar.com\/avatar\/d280627252b42d7489de74dd88aa04043a495f25e258575000dc767e287bf94c?s=96&d=identicon&r=g","caption":"version2hk"},"sameAs":["http:\/\/version2xfortcom.wordpress.com"],"url":"https:\/\/version-2.com\/zh\/author\/version2hk\/"}]}},"jetpack_featured_media_url":"","jetpack_sharing_enabled":true,"jetpack_shortlink":"https:\/\/wp.me\/pbQRKm-bBX","post_mailing_queue_ids":[],"_links":{"self":[{"href":"https:\/\/version-2.com\/zh\/wp-json\/wp\/v2\/posts\/44637","targetHints":{"allow":["GET"]}}],"collection":[{"href":"https:\/\/version-2.com\/zh\/wp-json\/wp\/v2\/posts"}],"about":[{"href":"https:\/\/version-2.com\/zh\/wp-json\/wp\/v2\/types\/post"}],"author":[{"embeddable":true,"href":"https:\/\/version-2.com\/zh\/wp-json\/wp\/v2\/users\/143524195"}],"replies":[{"embeddable":true,"href":"https:\/\/version-2.com\/zh\/wp-json\/wp\/v2\/comments?post=44637"}],"version-history":[{"count":1,"href":"https:\/\/version-2.com\/zh\/wp-json\/wp\/v2\/posts\/44637\/revisions"}],"predecessor-version":[{"id":44646,"href":"https:\/\/version-2.com\/zh\/wp-json\/wp\/v2\/posts\/44637\/revisions\/44646"}],"wp:attachment":[{"href":"https:\/\/version-2.com\/zh\/wp-json\/wp\/v2\/media?parent=44637"}],"wp:term":[{"taxonomy":"category","embeddable":true,"href":"https:\/\/version-2.com\/zh\/wp-json\/wp\/v2\/categories?post=44637"},{"taxonomy":"post_tag","embeddable":true,"href":"https:\/\/version-2.com\/zh\/wp-json\/wp\/v2\/tags?post=44637"}],"curies":[{"name":"wp","href":"https:\/\/api.w.org\/{rel}","templated":true}]}}