A nation-state threat actor targets industrial systems. It’s hard to recover from a threat to industrial systems. Lazarus Group resumes Operation Dream Job. OldGremlin is back. Conti runs like a business.

A nation-state threat actor, likely Russian, is targeting industrial systems, as evidenced by the GRU's earlier attempt against Ukraine's power grid. This threat poses significant challenges for recovery due to the complexity of industrial systems. The Lazarus Group has resumed its Operation Dream Job, targeting the chemical sector. Meanwhile, the OldGremlin ransomware group, which speaks Russian and targets Russian companies, has been found to have an HR department, performance reviews, and an "employee of the month." The U.S. has warned that newly discovered malware could sabotage energy plants, and a wind turbine giant, Nordex, has been hit by a cyber-attack. Industroyer2 is targeting Ukraine's electric grid, and companies are advised to stay protected and resilient. The U.S. and EU are sending more arms to Ukraine amid the ongoing conflict. APT cyber tools are targeting ICS/SCADA devices, and a leaked document shows a notorious ransomware group's organizational structure.