Russian Hacker Group Is Targeting Western Energy Sector Anew

The cyber espionage group known as Dragonfly has re-emerged and is carrying out attacks on critical infrastructure with the potential for sabotage, Symantec reports.

MOUNTAIN VIEW, Calif. — Evidence continues to pour in that indicates critical infrastructure in the North American and European energy sectors is under attack by Russian hackers.

A new wave of cyber attacks being unleashed by a Russian group known as Dragonfly could provide the infiltrators with the means to severely disrupt affected operations, according to a new report by Symantec.

Dragonfly has re-emerged during the past two years from a quiet period following exposure by Symantec and other researchers in 2014. This “Dragonfly 2.0” campaign, which appears to have begun in late 2015, shares tactics and tools used in earlier campaigns by the group, according to Symantec.

Symantec has evidence indicating that the Dragonfly 2.0 campaign has been underway since at least December 2015 and has identified a distinct increase in activity in 2017.

The latest cyber incursions indicate Dragonfly is likely interested in both learning how energy facilities operate and also gaining access to operational systems themselves, Symantec suggests, to the extent the group now potentially has the ability to sabotage or gain control of these systems should it decide to do so.

The energy sector has become an area of increased interest to cyber attackers over the past two years. Most notably, disruptions to Ukraine’s power system in 2015 and 2016 were attributed to a cyber attack and led to power outages affecting hundreds of thousands of people. In recent months, there have also been media reports of attempted attacks on the electricity grids in some European countries, as well as reports of companies that manage nuclear facilities in the U.S. being compromised by hackers.

Symantec reports it has strong indications of attacker activity in organizations in the U.S., Turkey, and Switzerland, with traces of activity in organizations outside of these countries. The U.S. and Turkey were also among the countries targeted by Dragonfly in its earlier campaign, though the focus on organizations in Turkey does appear to have increased dramatically in this more recent campaign.

To read the full report, go here.

If you enjoyed this article and want to receive more valuable industry content like this, click here to sign up for our FREE digital newsletters!

Tagged with: Cybersecurity News

Security Is Our Business, Too

For professionals who recommend, buy and install all types of electronic security equipment, a free subscription to Commercial Integrator + Security Sales & Integration is like having a consultant on call. You’ll find an ideal balance of technology and business coverage, with installation tips and techniques for products and updates on how to add to your bottom line.

A FREE subscription to the top resource for security and integration industry will prove to be invaluable.

Subscribe Today!

Leave a Reply

Your email address will not be published. Required fields are marked *

Get Our Newsletters