OUR PICKSTerrorists’ Weaponized Aerial Drones | Cyber Criminals Impersonating Brands | Hackers Collect Utilities’ Consumer Personal Data, and more

Hackers Stole Data from Multiple Electric Utilities in Recent Ransomware Attack  (Sean Lyngaas, CNN)
Hackers stole data belonging to multiple electric utilities in an October ransomware attack on a US government contractor that handles critical infrastructure projects across the country, according to a memo describing the hack obtained by CNN. Federal officials have closely monitored the incident for any potential broader impact on the US power sector while private investigators have combed the dark web for the stolen data, according to the memo sent this month to power company executives by the North American grid regulator’s cyberthreat sharing center. The previously unreported incident is a window into how ransomware attacks on critical US companies are handled behind the scenes as lawyers and federal investigators quietly spring into action to determine the extent of the damage. The ransomware attack hit Chicago-based Sargent & Lundy, an engineering firm that has designed more than 900 power stations and thousands of miles of power systems and that holds sensitive data on those projects. The firm also handles nuclear security issues, working with the departments of Defense, Energy and other agencies “to strengthen nuclear deterrence” and keep weapons of mass destruction out of terrorists’ hands, according to its website. Two people familiar with the investigation of the Sargent & Lundy hack told CNN that the incident was contained and remediated, and didn’t appear to have a broader impact on other power-sector firms.

Weaponized Aerial Drones and the Homeland: Increasing Domestic Terrorism Concerns  (Robert J. Bunker, HSToday)
A single weaponized drone could engage in ISR and locate a target, engage that target with an IED, and also capture the attack on video.

Cyber Criminals Impersonating Brands Using Search Engine Advertisement Services to Defraud Users  (IC3)
The FBI is warning the public that cyber criminals are using search engine advertisement services to impersonate brands and direct users to malicious sites that host ransomware and steal login credentials and other financial information.

More Money for Info Ops, Army Recruiting, Cyber in Omnibus  (Lauren C. Williams, Defense One)
Defense research and development spending would rise again in 2023 if the House approves the omnibus spending bill passed by the Senate on Thursday. The bill contains $136.7 billion for research, development, test, and evaluation funding, nearly $10 billion more than the Biden administration asked and $20.5 billion up from last year.
A quick look at defense tech investments for existing programs shows continued support for autonomous technologies across a myriad of platforms, money for cybersecurity, missions, and forces, and more funds for research and development.