This website uses cookies primarily for visitor analytics. Certain pages will ask you to fill in contact details to receive additional information. On these pages you have the option of having the site log your details for future visits. Indicating you want the site to remember your details will place a cookie on your device. To view our full cookie policy, please click here. You can also view it at any time by going to our Contact Us page.

International energy firms hacked by Eastern European cyber-espionage group

01 July 2014

More than 1,000 energy companies in North America and Europe have been compromised in a huge malware attack unearthed by US security firm Symantec. The hackers are thought to be part of an Eastern European collective known as Dragonfly, which has been in operation since at least 2011.

Stock image
Stock image

Eighty four countries were affected, although most of the victims were located in the United States, Spain, France, Italy, Germany, Turkey, and Poland. Targets included energy grid operators and industrial equipment providers and Symantec said the primary goal appeared to be espionage.
 
Since 2013 Dragonfly has been targeting organisations that use industrial control systems (ICS) to manage electrical, water, oil, gas and data systems.

Symantec said Dragonfly had accessed computers using a variety of techniques, including attaching malware to third-party programs, emails and websites, giving it "the capability to mount sabotage operations that could have disrupted energy supplies across a number of European countries".

It had used Backdoor.Oldrea to gather system information, including the computers' Outlook address book and a list of files and programs installed, and Trojan.Karagany to upload stolen data, download new files and run them on infected computers, Symantec said.

The attack is similar to the Stuxnet computer worm, which was designed to attack similar industrial controllers in 2010 and reportedly ruined almost 20% of Iran's nuclear power plants.

Symantec said Dragonfly "bears the hallmarks of a state-sponsored operation, displaying a high degree of technical capability".


Print this page | E-mail this page

CSA Sira Test