
The group has the ability to disrupt or damage energy supplies in targeted nations

A hacking group has launched a cyber-espionage campaign against western energy firms and the systems that power the electric grid, according to a new report from Symantec.

The hacking group -- called Dragonfly -- compromised several important organizations for intelligence purposes, said the report. The main targets were energy grid operators, petroleum pipeline operators, electricity generation firms and industrial equipment providers for the energy sector in the U.S., Spain, France, Italy, Germany, Turkey and Poland.

Alarmingly, Dragonfly could have done much more damage had it used its full sabotage capabilities, such as disrupting (or even damaging) energy supplies in targeted nations.

Dragonfly is reportedly well resourced, using two key pieces of malware in its attacks -- both of which are remote access tool (RAT) type malware.
 
RAT malware provides the attackers with both access and control of compromised computers. 
 
Dragonfly prefers a malware tool called Backdoor.Oldrea, which gives the attackers a backdoor onto the victim’s computer. Once installed on a victim’s computer, Oldrea collects system information and lists of files, installed programs, and the root of available drives. This data is then written to a temporary file in an encrypted format before being sent to a remote command-and-control (C&C) server controlled by the attackers.
 

See the Dragonfly? [SOURCE: Symantec]

Dragonfly also favors a malware tool called Trojan.Karagany, which is capable of uploading stolen data, downloading new files and running executable files on an infected computer. 

Symantec's report said that the majority of computers compromised by the attackers were infected with Oldrea, while Karagany was only used in around 5 percent of infections.

Dragonfly reportedly used methods of attack like email campaigns, compromised legitimate software packages and watering hole attacks.

Protecting energy companies and the grid is a high priority. Back in February 2013, it was revealed that the U.S. Department of Energy (DOE) was hacked, which resulted in the "unauthorized disclosure of employee and contractor Personally Identifiable Information." No confidential information was stolen.

The DOE later released a letter promising to tighten security. It said it was deploying new tools both to protect assets on its servers and to monitor activity for signs of trouble. 

Source: Symantec





Copyright 2017 DailyTech LLC.