
Europe and North America Energy Sector Targeted by Sophisticated Cyberattack Group

As part of the group's Dragonfly 2.0 cyber campaign, the hackers have been zeroing in on energy facilities. Dragonfly 2.0 has been in operation since at least 2011 and is linked to the Russian government. The group potentially has the ability to sabotage or gain control of these systems. Activities associated with the group have kicked up a gear this year.

Cyber-attack groups have become increasingly interested in energy facilities and companies in the last two years, according to the report. In recent months, there have also been reports of attempted attacks on the electricity grids of Western countries, mostly driven through phishing attacks and aimed at reconnaissance or gaining a foothold in targeted networks rather than immediate disruption. The group had initially targeted defence and aviation companies in the U.S. and Canada before it moved its crosshairs over to energy firms.

"This is the first time we've seen this scale, this aggressiveness and this level of penetration in the USA, for sure", Eric Chien, technical director of Symantec's Security Technology & Response Division, told BuzzFeed News.

However, the U.S. Department of Homeland Security and the Federal Bureau of Investigation have previously linked Dragonfly to the Russian Federation. Some code strings were in French, however, so Symantec is wary of language being used as a false flag to throw researchers off the trail of the attackers' origins. Once the target opened these attachments, the malware dropped trojans to steal the victim's credentials. The toolkit consists of a Trojan virus created to steal a victim's credentials by way of a template injection attack. As well as this, the group used what are known as "watering hole" techniques, where they would carry out attacks on, and compromise, websites that were likely to be visited by those in the energy industry. The group also used files pretending to be Flash updates that may be used to install malicious backdoors onto target networks. Such attacks falsely claim a Flash update is necessary to view content. Through a complex and relentless series of attacks on employees' email accounts, the group is able to gain usernames and passwords.

Since 2014, the Dragonfly hackers have largely maintained a low profile. The Karagany Trojan was leaked on underground markets, so its recent use by Dragonfly is not necessarily exclusive.

Dragonfly was previously active from around 2011 to 2014, when it appeared to go dormant after several cyber firms published research exposing its attacks.

Andrew Clarke, EMEA director at security vendor One Identity, said: "Studies in the U.S. report that cyber-attacks are a constant and daily occurrence on utility companies with some facilities receiving upwards of 10,000 attempted cyber-attacks each month - which equates to one attack every four minutes". "The impact of an attack against an atomic energy provider could potentially be a lot worse".
