Explore the latest news and trends  

Sign up for our weekly security newsletter

Be the first to receive important updates on security


Dragonfly Malware Targets Pharmaceutical Industry

Beldon, a communication and electronics company, reports that a new malware threat namely Dragonfly could steal the intellectual property of pharmaceutical industry. Ipprolifesciences.com reported on 17th September, 2014 stating that initially the malware was meant to be attacking the energy sector however, further analysis suggests that the attack threatens pharma industry more."

Dragonfly is also known as Havex and actually Havex/Dragonfly/Energetic Bear and Backdoor.Oldrea all belong to the same family of malware.

Beldon engaged Joel Langill of RedHat Cyber, a leading independent ICS (Industrial Control System) Security Expert, to conduct a deep research on Dragonfly.

Belden recently released the report of Langill as "Defending against the Dragonfly Cyber Security Attacks, Part A - Identifying the Targets." The report reveals how the targets and victims of Dragonfly have been identified and how Dragonfly attacks.

Langill believes that Dragonfly targets ICS systems of pharmaceutical sector because of three reasons. One reason is that out of thousand suppliers of ICs, the companies targeted all offered services and products which pharmaceutical industry mostly used. Second, Dragonfly is like the Epic Turla campaign that struck pharmaceutical IP and third is Dragonfly's targeting of 102 (Siemens), TCP ports 44818 (Omron, Rockwell Automation) and 502 (Schneider Electric) which are usually fixed in pharmaceutical manufacturing and packaging applications as per the report published in Outsourceedpharma.com on 18th September, 2014.

Eric Byres, CTO of Tofino Security of Beldon, stressed that the malware wasn't designed to cause any disturbance in service but actually it was designed to especially steal IP assets for fraudulent purposes. Marketwatch.com published news on 15th September, 2014 quoting Byres as saying that manufacturing units should secure ICS machines and not be victimized by malware that remains camouflaged for years.

Byres said: "Security researchers and cybercriminals have recognized much vulnerability in products employed in industrial operations. After Dragonfly, it has become important for the manufacturing companies to secure core ICS with updated best solutions and industrially focused defense technologies. We know that Flame and Stuxnet remained hidden in the network of their target for years and by the time computer worms like this damage or embezzle business secrets, it gets too late to guard against them."

ยป SPAMfighter News - 9/29/2014

3 simple steps to update drivers on your Windows PCSlow PC? Optimize your Slow PC with SLOW-PCfighter!Email Cluttered with Spam? Free Spam Filter!

Dear Reader

We are happy to see you are reading our IT Security News.

We do believe, that the foundation for a good work environment starts with fast, secure and high performing computers. If you agree, then you should take a look at our Business Solutions to Spam Filter & Antivirus for even the latest version of Exchange Servers - your colleagues will appreciate it!

Go back to previous page