‘New Wave’ of Cyber Attacks Target US and European Energy Sectors

Symantec, the firm of cyber security, released a research report on Wednesday, according to which a group, called Dragonfly, is targeting European and North American energy sectors by "new wave" of cyber-attacks.

These attacks focused particularly on power grid and its related components, such as transition, power generation and distribution. Symantec published a report on Wednesday stating that campaigns of malicious email are used for gaining access into the organizations in Turkey, United States, Switzerland, and may be in other countries also.

Trunews.com posted on September 6th, 2017, stating that Eric Chien, researcher of cyber security in Symantec, told in one interview that cyber-attacks, which got started in the latter part of 2015 but rises in frequency in Apr. 2017, are most probably work of one foreign govt. and bear hallmarks of Dragonfly, the hacking group.

Their screen captures use has been the utmost concerning evidence for this. In one specific case, attackers used clear format to name screen capture files, [machine description and location].[organization name]. String 'cntrl' (control) has been used in several machine descriptions, thus most probably showing that the machines got access to the operational systems.

Several techniques are used by the group uses for infecting its targets, which include trojans and malicious emails. Symantec identifies the previous activity of Dragonfly 2.0 was one email campaign targeting those who are in energy sector masquerading as an invitation to the New Year's Eve party.

These hackers were acting in high level of operation, although they are not reinventing the wheel. Tried and true spear phishing along with the watering hole techniques are used for tricking the employees to disclose their passwords and usernames, thus giving access of the restricted portions of electrical system. Caltagirone said that power grids in US are not like the domino effect, where failure of one system resulted in failures of others as well.

Caltagirone added that it got designed for protecting itself against the large scale outages. He further said that "any thoughts that a wide-ranging attack on the power grid in the US is possible infer a misunderstanding into its complication and its resiliency." The organizations are required of protecting all the privileged access for ensuring that credential best practices got met.

» SPAMfighter News - 9/14/2017