Castle

Castle is a threat actor identified in the cybersecurity industry, responsible for the execution of actions with malicious intent. The Castle campaign has been linked to another threat group known as Iron Liberty, due to similarities in their target sectors and techniques. Both groups have been noted for targeting the energy sector, specifically Industrial Control System (ICS) companies, and for using similar methods, such as the deployment of energy industry Software Weaknesses and Configuration issues (SWCs). Despite some third parties suggesting that Castle and Iron Liberty are separate entities due to differences in their campaigns, CTU researchers have found enough common ground to link them together. The base of operations for Castle seems to be located at 1209 Orange Street, Corporation Trust Center, Wilmington, New Castle, Delaware 19801 USA, with a key contact being David Correa at the same address. This location appears multiple times in the information provided, suggesting its importance in the operations of the Castle threat actor. The mention of Barry Laing, Castle Cove Governor of the Reserve Bank, and Michele Bullock, Reserve Bank Governor, might suggest potential targets or affiliates, although this requires further investigation. In an unrelated incident, a security breach occurred at Windsor Castle involving a 21-year-old individual named Chail. He was sentenced to nine years for breaking into the castle with a crossbow, declaring his intention to kill the Queen. While this event involves a castle, it does not seem to be directly related to the activities of the Castle threat actor group.