Dragonfly malware targeting pharmaceutical companies

  • 15 September 2014
  • 1 reply
  • 725 views

Userlevel 7
By HNS Staff/ Posted on 15.09.2014
 
The recently revealed Dragonfly (Havex) malware is likely targeting the pharmaceutical sector, not the energy sector as previously believed, according to Belden.


http://www.net-security.org/images/articles/pill-biohazard.jpg
Until now, advanced cyberattacks against industry have focused on the critical energy and chemical sectors. Manufacturing management teams are advised to update their risk assessments and ensure that their cyber security defenses can withstand what are clearly highly coordinated attacks by teams of professional hackers.

Over the past few years, industrial infrastructure has been identified as a key target for hackers and government-sponsored warfare, attracting some of the most sophisticated cyberattacks on record, including Stuxnet, Flame and Duqu. Dragonfly is significant because it is first one of the advanced attacks since Stuxnet to have payloads that target specific ICS components.

 
 
Help Net Security/ full articles here/ http://www.net-security.org/malware_news.php?id=2865

1 reply

Userlevel 7
The following article is a update
 

(Pharmaceuticals, Not Energy, May Have Been True Target Of Dragonfly, Energetic Bear)

By Sara Peters/ Posted oj 10/22/2014
 
New research says the compromised companies were suppliers for OEMs that served pharma and biotech.
 One of the biggest attack campaigns against critical infrastructure since Stuxnet might not actually have been aimed at critical infrastructure. New research on the Dragonfly, a.k.a. Energetic Bear, attacks that were first reported by F-Secure in June poses the theory that the group's true target was the pharmaceutical and biotechnology industry, not the energy sector.
In a report released today by the signal transmission solution company Belden, Joel Langill, an industrial control systems security expert at RedHat Cyber, explains why he thinks Dragonfly was attacking small companies that supply original equipment manufacturers, which in turn supply the pharma-biotech sector.
Though pharma has not been called out as a target before, researchers had warned against assumptions that the bull's eye was on energy companies. As Dark Reading's Kelly Jackson Higgins reported in June:
 
 
Full Article
 

Reply