Researchers at cyber security company Symantec have warned, advanced hackers who have earlier targeted energy companies in Europe and in the United States, have in some cases managed to penetrate into core systems that control the companies’ operations.
In a report published on Wednesday, researchers at Symantec disclosed that hackers having targeted these institutions with malicious email campaigns have gained entry into organizations in Switzerland, United States and Turkey, as well as in other countries.
The cyber attacks, which began in late 2015, have increased in frequency in April this year.
In an interview, Eric Chien, a cyber security researcher from Symantec said, these attacks are probably the work of a foreign government and have the hallmarks of the Dragonfly, a hacking group.
The report adds to concerns that industrial firms, including utilities and power providers, are vulnerable to cyber attacks that could be leveraged for destructive purposes in the event of a major geopolitical conflict.
Earlier in June, the U.S. government had warned industrial firms on a hacking campaign that targeted nuclear and energy sectors through phishing emails that harvested credentials in order to gain access to the targeted networks.
As per Chien, while dozens of companies have been targeted across the world, a handful of them have been compromised on the operational level. This level of access means that motivation is “the only step left” which prevents “sabotage of the power grid,” said Chien.
Dragonfly was active from 2011 to 2014. After security researchers exposed its attacks, the group, which also goes by the name of Energetic Bear or Koala, became dormant.
Among the cyber security community, it is widely to be tied to the Russian government.
Although Symantec’s report did not specifically mention Russia, its report however noted that the attackers used code strings that were in Russian and French. This could mean that the attackers were attempting to make obfuscate their identity, said Symantec.
References:
reuters.com
In a report published on Wednesday, researchers at Symantec disclosed that hackers having targeted these institutions with malicious email campaigns have gained entry into organizations in Switzerland, United States and Turkey, as well as in other countries.
The cyber attacks, which began in late 2015, have increased in frequency in April this year.
In an interview, Eric Chien, a cyber security researcher from Symantec said, these attacks are probably the work of a foreign government and have the hallmarks of the Dragonfly, a hacking group.
The report adds to concerns that industrial firms, including utilities and power providers, are vulnerable to cyber attacks that could be leveraged for destructive purposes in the event of a major geopolitical conflict.
Earlier in June, the U.S. government had warned industrial firms on a hacking campaign that targeted nuclear and energy sectors through phishing emails that harvested credentials in order to gain access to the targeted networks.
As per Chien, while dozens of companies have been targeted across the world, a handful of them have been compromised on the operational level. This level of access means that motivation is “the only step left” which prevents “sabotage of the power grid,” said Chien.
Dragonfly was active from 2011 to 2014. After security researchers exposed its attacks, the group, which also goes by the name of Energetic Bear or Koala, became dormant.
Among the cyber security community, it is widely to be tied to the Russian government.
Although Symantec’s report did not specifically mention Russia, its report however noted that the attackers used code strings that were in Russian and French. This could mean that the attackers were attempting to make obfuscate their identity, said Symantec.
References:
reuters.com
