In May 2023, a European nation’s critical energy infrastructure endured its most extensive cyberattack: a silent, coordinated multi-wave campaign by sophisticated threat actors targeting 22 energy companies with precision. Exploiting a critical zero-day vulnerability (CVE-2023-28771) in firewalls safeguarding industrial control systems (ICS) and operational technology (OT), the stealthy first wave compromised defenses across the decentralized sector. The national CERT disrupted the assault using Corelight software, which delivered unparalleled network visibility to detect anomalies, trace exploits in real-time, and enable swift containment—thwarting widespread disruption and protecting vital energy operations.

Join for free to read