06-30-2014 11:31 AM
June 30th, 2014, 16:37 GMT · By Ionut Ilascu
Top 10 countries with systems targeted by Dragonfly group
06-30-2014 12:45 PM
If this had been timed to bring down all the suppliers at once it would have caused total mayhem.
by Dan Goodin - June 30 2014
"This campaign follows in the footsteps of Stuxnet, which was the first known major malware campaign to target ICS systems," the Symantec report stated. "While Stuxnet was narrowly targeted at the Iranian nuclear program and had sabotage as its primary goal, Dragonfly appears to have a much broader focus with espionage and persistent access as its current objective with sabotage as an optional capability if required."
07-02-2014 06:01 AM
Russian hackers who broke into the networks of Western oil and gas companies used techniques that companies can detect and oftentimes defend against, experts say.
The Russian Federation-based group compromised corporate systems by planting malware in technology suppliers' software and compromising websites visited by energy company employees, Symantec said in a recent report on the attacks.
The attackers, which have been operating at least since 2011, were bent on stealing intellectual property and other sensitive information mostly from energy grid operators, major electricity generators, oil pipeline operators and industrial equipment providers. The majority of the targets were in the U.S., Spain, France, Italy, Germany, Turkey and Poland.
The attackers' favorite malware was Backdoor.Oldrea, also known as Havex or the Energetic Bear RAT. Oldrea, custom malware either developed by the group or for it, acted as a back door that let the hackers extract data and install additional software.
The majority of command and control servers appeared to be hosted on compromised computers running content management systems. Oldrea has a basic control panel that lets an authenticated user download a compressed version of data stolen from each victim.
An interesting article discussing ways to avoid the attacks.
07-03-2014 07:49 AM
Tuesday, July 01, 2014 Swati Khandelwal
11-21-2014 05:17 AM
Washington (CNN) -- China and "probably one or two other" countries have the capacity to shut down the nation's power grid and other critical infrastructure through a cyber attack, the head of the National Security Agency told a Congressional panel Thursday.
Admiral Michael Rogers, who also serves the dual role as head of U.S. Cyber Command, said the United States has detected malware from China and elsewhere on U.S. computer systems that affect the daily lives of every American.
"It enables you to shut down very segmented, very tailored parts of our infrastructure that forestall the ability to provide that service to us as citizens," Rogers said in testimony before the House Intelligence Committee.
Rogers said such attacks are part of the "coming trends" he sees based on "reconnaissance" currently taking place that nation-states or other actors may use to exploit vulnerabilities in U.S. cyber systems.
11-21-2014 05:32 AM
This is really scary to be honest.
11-21-2014 05:51 AM
I agree David. The point is, previously if a country wanted to take over another country there had to be an invasion but now it can all be done from a desk many miles away.