
"Russian Hackers Employ LOTL Technique for Power Outage Attacks"
Russian state hackers known as Sandworm have adopted living-off-the-land (LOTL) techniques to breach industrial control systems (ICS) more efficiently and with less detectable malware. In a recent attack on a Ukrainian critical infrastructure organization, Sandworm used a native binary to send commands to the SCADA system, resulting in a power outage. The hackers also deployed data-destroying malware to further disrupt the environment. Security researchers believe that Sandworm's shift to LOTL techniques and its ability to recognize new OT threat vectors indicate a growing maturity in Russia's offensive OT arsenal, making the group capable of carrying out attacks against OT systems from different vendors.