AFP: Malware "Dragonfly" Aims at US, Europe Energy Sector
Posted on 07/02/2014 3:31:31 PM PDT by ransomnote
AFP news says: The US security firm Symantec said it identified malware targeting industrial control systems which could sabotage electric grids, power generators and pipelines.
This Stuxnet-like malware attack is likely to be government-sponsored, says Symantec. No word about nuclear power plants.
From Security Week quoting AFP (6/30/2014; emphasis is mine): Malware Aims at US, Europe Energy Sector: Researchers
WASHINGTON - Cyberattackers, probably state sponsored, have been targeting energy operations in the United States and Europe since 2011 and were capable of causing significant damage, security researchers said Monday.
The US security firm Symantec said it identified malware targeting industrial control systems which could sabotage electric grids, power generators and pipelines.
"The attackers, known to Symantec as Dragonfly, managed to compromise a number of strategically important organizations for spying purposes," Symantec said in a blog post.
"If they had used the sabotage capabilities open to them, (they) could have caused damage or disruption to energy supplies in affected countries," it added.
The researchers said this malware is similar to Stuxnet, a virus believed to have been developed by the United States or Israel to contain threats from Iran.
"Dragonfly bears the hallmarks of a state-sponsored operation, displaying a high degree of technical capability," Symantec said.
"Its current main motive appears to be cyberespionage, with potential for sabotage a definite secondary capability."
Symantec said the Dragonfly, also known as Energetic Bear, appeared to be an operation based in Eastern Europe based on the hours of activity of those involved.
It said one of the tools was a Trojan that appeared to have originated in Russia.
(more at the link)
(Excerpt) Read more at ex-skf.blogspot.com ...
Then from the comments section of OP: "JULY 2, 2014 AT 5:03 AM Anonymous said... http://www.theregister.co.uk/2014/07/01/wondering_where_our_story_on_russians_hacking_energy_companies_is/
and don't miss the link given:
From the article linked:
“Well, remember the hacking incident at Monju earlier this year? A night-shift worker there downloaded a free video playback software from a supposed South Korean site and managed to infect the PC in the central control room. The PC was hacked, and email information was stolen. I haven’t seen the result of the follow-up investigation of the incident.”
What kind of computer security does the Monju nuclear power plant have that a night worker can download free video playback software and infect the PC in the central control room????
Thread from yesterday:
“...could have caused damage & disruption to energy supplies...” There is no need for these attacks from outside. Obambi is causing plenty of destruction to much of America’s energy sector without any cyber. Obambi could teach the terrorists a thing or two about how to hate America. If it were not for the private sector, we would be suffering even more.
I had dinner earlier in the week with an electrical engineer friend who works for a large food company, and whose purview includes electrical safety. He said most of the bad examples for safety films are coming from South America and Asia, that US companies are pretty good on safety and maintenance.
I wonder if (hope that) it is similar for network security, that we’re generally better at it, so the really bad examples tend to come from other places, as with your SK example.