• Occasion2b Main Page


• General Discussion

• Pandemic Flu

YoNews.org

YoNews Portal

• All Things Prepper

• Game Area

• Archives







Status
Status

The sun Today


Right click and view
for larger image







Occasion2b feedburner

yonews feedburner


>Subscribe by Email

Occasion2B toolbar


Vote For Occasion2B
at Best Alternative News

Top Sites List


vote for Occasion2b
Forum Top Site List

vote for Occasion2b
Free Top Site



  • Home
  • Search
    •  
  • Login
    • Username: Password:
      Did you miss your activation email?

Author Topic: Dragonfly: Western Energy Companies Under Sabotage Threat :: Symantec Connect  (Read 360 times)

Offline beast

  • Hero Member
  • *****
  • Posts: 11879
    • Occasion2B

An ongoing cyberespionage campaign against a range of targets, mainly in the energy sector, gave attackers the ability to mount sabotage operations against their victims. The attackers, known to Symantec as Dragonfly, managed to compromise a number of strategically important organizations for spying purposes and, if they had used the sabotage capabilities open to them, could have caused damage or disruption to energy supplies in affected countries.

Among the targets of Dragonfly were energy grid operators, major electricity generation firms, petroleum pipeline operators, and energy industry industrial equipment providers. The majority of the victims were located in the United States, Spain, France, Italy, Germany, Turkey, and Poland.

The Dragonfly group is well resourced, with a range of malware tools at its disposal and is capable of launching attacks through a number of different vectors. Its most ambitious attack campaign saw it compromise a number of industrial control system (ICS) equipment providers, infecting their software with a remote access-type Trojan. This caused companies to install the malware when downloading software updates for computers running ICS equipment. These infections not only gave the attackers a beachhead in the targeted organizations' networks, but also gave them the means to mount sabotage operations against infected ICS computers.

This campaign follows in the footsteps of Stuxnet, which was the first known major malware campaign to target ICS systems. While Stuxnet was narrowly targeted at the Iranian nuclear program and had sabotage as its primary goal, Dragonfly appears to have a much broader focus with espionage and persistent access as its current objective with sabotage as an optional capability if required.
http://www.symantec.com/connect/blogs/dragonfly-western-energy-companies-under-sabotage-threat