Energy industry firms Shell, Helix Energy, Halliburton, and Oceaneering had their satellite receivers claimed to be compromised by the SiegedSec hacking group after conducting a "delicious supply chain attack" against satellite supplier ITC Global, CyberScoop reports.
Various satellite receivers primarily used for accurate positioning may have been impacted by SiegedSec but only monitoring services seem to be affected, according to Xona Chief Technology Officer Ron Fabela, who added that some ITC Global portal accounts have been deleted by the attackers.
"We have more going on with ITC Global aside from just deleting accounts, however I can't go into specifics," said SiegedSec in a statement.
Such an attack comes after the hacking operation targeted several U.S. states that have prohibited gender affirming care. Among SiegedSec's most recent victims include the City of Fortworth, Texas, the Nebraska Supreme Court, the Texas State Behavioral Health Executive Council, the South Dakota Boards and Commissions website, the Pennsylvania Provider Self-Service website, and the South Carolina Criminal Justice Information Services portal.
Using such information to contact organizations with internet-accessible programmable logic controllers resulted in a 34% reduction in PLC exposure in just a month, according to researchers, who noted testing the algorithm on Allen Bradley, Omron, and Wago PLCs.
Immediate action to take down state courts' websites, judicial information systems, and related services has been taken to avert further compromise, according to AOC Associate Director Wendy Ferrell, who noted restoration efforts to be underway.
Threat actors using an account from a previously targeted organization dubbed "Org A" impersonated IT staff to target employees of a U.S. critical infrastructure entity dubbed "Org C" with Teams messages seeking remote system access permissions via Quick Assist, an analysis from Hunters revealed.