Hostile state actors compromising UK organisations with focus on
engineering and industrial control companies
Published: 2018-04-04 · Archived: 2026-04-05 14:58:52 UTC
This advisory highlights the sustained risk to UK companies involved as well as providing further details on the
activity and guidance for any organisations affected.
Introduction
The NCSC is aware of an ongoing attack campaign against multiple companies involved in the CNI supply chain.
These attacks have been ongoing since at least March 2017. The targeting is focused on engineering and industrial
control companies and has involved the harvesting of NTLM credentials via Server Message Block (SMB) using
strategic web compromises and spear-phishing.
This advisory highlights the sustained risk to UK companies involved in these sectors as well as providing further
details on the activity and guidance for any organisations affected. Further information on this activity was
published on 15 March by the US Department of Homeland Security.
Download the advisory (below).
Downloads
Share and print this article
Published
Publish date
4 April 2018
Written for
Written for
Also see
Source: https://www.ncsc.gov.uk/alerts/hostile-state-actors-compromising-uk-organisations-focus-engineering-and-industrial-control
https://www.ncsc.gov.uk/alerts/hostile-state-actors-compromising-uk-organisations-focus-engineering-and-industrial-control
Page 1 of 1