In another sign of the need for individuals to be prepared for sudden, potentially paralyzing disruptions, cybersecurity firm Symantec reported last week that sophisticated cyberattacks have been targeting the energy sector in North America and in European countries such as Switzerland and Turkey.
“The energy sector has become an area of increased interest to cyber-attackers over the past two years. Most notably, disruptions to Ukraine’s power system in 2015 and 2016 were attributed to a cyberattack and led to power outages affecting hundreds of thousands of people,” Symantec said in a recent blog post. “In recent months, there have also been media reports of attempted attacks on the electricity grids in some European countries, as well as reports of companies that manage nuclear facilities in the U.S. being compromised by hackers.”
According to the firm, a cyber-espionage group known as Dragonfly is perpetrating these attacks. “The Dragonfly group appears to be interested in both learning how energy facilities operate and also gaining access to operational systems themselves, to the extent that the group now potentially has the ability to sabotage or gain control of these systems should it decide to do so,” it said.
Symantec claims the Dragonfly effort has been going on since at least December 2015, and that it has seen “a distinct increase in activity in 2017.” The hackers use “a variety of infection vectors,” including targeted malicious emails, watering hole attacks, and Trojanized software, to obtain network credentials, gain access to system servers, and thereby compromise them.
“Symantec also has evidence to suggest that files masquerading as Flash updates may be used to install malicious backdoors onto target networks – perhaps by using social engineering to convince a victim they needed to download an update for their Flash player,” the cybersecurity firm said. “Typically, the attackers will install one or two backdoors onto victim computers to give them remote access and allow them to install additional tools if necessary.”