Security firms: Hackers targeting U.S. utilities
- U.S. and European utilities are being targeted by highly sophisticated hackers, according to two new reports from cybersecurity firms Symantec and F-Secure.
- Known as "Dragonfly" or "Energetic Bear" by security groups, the hacks appear to be coming from Eastern Europe, according to Symantec, with other reports claiming they are coming from Russia.
- Symantec said that the attacks had all the “hallmarks of a state-sponsored operation" and "a high degree of technical capability.”
The attacks used three means to penetrate utility systems: emails embedded with malware; frequently clicked links that automatically download hidden malware; and software update downloads with malware attached. Three industrial control systems were found to have been infiltrated in this way, according to an alert issued by the Department of Homeland Security.
So far, the infiltrations appear to have been used for espionage only, reports say. However, the level of access gained by these viruses could easily be used for an attack. "These infections not only gave the attackers a beachhead in the targeted organizations’ networks, but also gave them the means to mount sabotage operations against infected ICS computers," said the Symantec report.