In May, Danish critical infrastructure faced the biggest cyber attack on record that hit the country, reported SektorCERT, Denmark’s Computer Security Incident Response Team (CSIRT) for the critical infrastructure sectors.
A first wave of attacks was launched on May 11, then after a short pause, a second wave of attacks began on May 22. SektorCERT became aware of the attacks on May 22.
SektorCERT reported that threat actors compromised the networks of 22 companies operating in the energy infrastructure. According to the report, 11 companies were immediately compromised. The attackers exploited zero-day vulnerabilities in Zyxel firewalls used by many critical infrastructure operators in Denmark.
Read the rest of the story from Security Affairs here.