Energy Sector Targeted By Cyberespionage Campaign

June 30th, 2014, 16:37 GMT · By Ionut Ilascu

 

[Image: Top 10 countries with systems targeted by Dragonfly group]

 
Strategically important organizations, most of them from the energy sector, have been compromised in a spying campaign, giving the attackers the possibility to sabotage the affected targets.

Symantec says in a blog post that a group, which they believe to be state-sponsored judging by the resources at their disposal and their technical capabilities, has successfully infiltrated malicious programs into the systems of organizations from the energy industry.

Affected by this campaign are energy grid operators, major electricity generation companies, providers of industrial equipment for the energy sector, and petroleum pipeline operators in the United States, Spain, France, Italy, Germany, Turkey, and Poland.

The attackers are known to Symantec by the name of Dragonfly and they seem to be capable of carrying out complex campaigns with the purpose of not just exfiltrating important information, but also of sabotaging the systems of the targeted companies.

The attack vector of the Dragonfly group consists in compromising the websites of the ICS (industrial control system) software providers and replacing the official file with one infected with a remote access Trojan (RAT). Victims would then download the file and infect their systems upon installing it.
 

 


Active malware operation let attackers sabotage US energy industry

If this had been timed to bring down all the suppliers at once it would have caused total mayhem.

 

"Dragonfly" infected grid operators, power generators, gas pipelines, report warns.


Experts weigh in on how companies can fend off cyberespionage attacks

By Antone Gonsalves

 

Russian hackers who broke into the networks of Western oil and gas companies used techniques that companies can detect and oftentimes defend against, experts say.

The Russian Federation-based group compromised corporate systems by planting malware in technology suppliers' software and compromising websites visited by energy company employees, Symantec said in a recent report on the attacks.

 

The attackers, which have been operating at least since 2011, were bent on stealing intellectual property and other sensitive information mostly from energy grid operators, major electricity generators, oil pipeline operators and industrial equipment providers. The majority of the targets were in the U.S., Spain, France, Italy, Germany, Turkey and Poland.

The attackers' favorite malware was Backdoor.Oldrea, also known as Havex or the Energetic Bear RAT. Oldrea, custom malware either developed by the group or for it, acted as a back door that let the hackers extract data and install additional software.

The majority of command and control servers appeared to be hosted on compromised computers running content management systems. Oldrea has a basic control panel that lets an authenticated user download a compressed version of data stolen from each victim.

 

Full Article

 

An interesting article discussing ways to avoid the attacks.


Dragonfly Russian Hackers Target 1000 Western Energy Firms


Tuesday, July 01, 2014 

 

Gone are the days when cyber criminals focused only on PCs to spread malware and target people, whether it’s an ordinary or a high-profile person. Nowadays, organizations in the energy sector have become an interesting target for cyber minds.
 
A few days ago, security researchers uncovered a Stuxnet-like malware, “Havex”, which was also programmed to infect industrial control system software of SCADA systems, with the capability to possibly disable hydroelectric dams, overload nuclear power plants, and even shut down a country’s power grid with a single keystroke.
 
RUSSIAN HACKERS HIT 1000 ENERGY FIRMS
Recently, a Russian group of hackers known as 'Energetic Bear' has compromised over 1,000 European and North American energy firms with a sophisticated cyber weapon, similar to Stuxnet, that gave hackers access to power plant control systems, said a security firm.
 
Sherry

   


The U.S. government thinks China could take down the power grid

By Jamie Crawford, National Security Producer
updated 6:57 PM EST, Thu November 20, 2014
 

Washington (CNN) -- China and "probably one or two other" countries have the capacity to shut down the nation's power grid and other critical infrastructure through a cyber attack, the head of the National Security Agency told a Congressional panel Thursday.

Admiral Michael Rogers, who also serves the dual role as head of U.S. Cyber Command, said the United States has detected malware from China and elsewhere on U.S. computer systems that affect the daily lives of every American.

"It enables you to shut down very segmented, very tailored parts of our infrastructure that forestall the ability to provide that service to us as citizens," Rogers said in testimony before the House Intelligence Committee.

Rogers said such attacks are part of the "coming trends" he sees based on "reconnaissance" currently taking place that nation-states, or other actors may use to exploit vulnerabilities in U.S. cyber systems.

 

Full Article and video.


Re: The U.S. government thinks China could take down the power grid

This is really scary to be honest.


David, (shorTcircuiT)

      


Re: The U.S. government thinks China could take down the power grid

I agree David. The point is, previously if a country wanted to take over another country there had to be an invasion but now it can all be done from a desk many miles away.
