Malware is leaving power grids open to attack

It is no secret that the world is becoming more and more connected, and with that connectivity come new exploits and flaws. Malware no longer afflicts only smartphone and desktop users; attackers have turned to bigger targets. According to Engadget, Symantec has identified a "likely state-sponsored hacking group, nicknamed Dragonfly" that has been using a variety of techniques to infiltrate energy providers in the U.S. and overseas.

The group relies on phishing e-mails and trojan malware to get into the systems of energy companies and gather information about national infrastructure. The same malware also opens a back door into those systems, so that while it is collecting information the victims are left susceptible to a range of further attacks.

Dragonfly is still at large. Symantec believes it is a professional operation because its activity mostly falls on weekdays between 9 AM and 6 PM in the Eastern European time zone, the pattern of a regular working day. The group had targeted aviation and defense firms before shifting its focus to energy providers in early 2013, and it has mainly gone after smaller, less secure Western European companies.
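
The working-hours argument above can be made concrete. The script below is an added example and is not code from the article or from Symantec's report: it takes a list of UTC timestamps of observed attacker activity (malware compile times, C2 check-ins, phishing send times), tries every whole-hour UTC offset, and scores each by the share of events that land inside a Monday-to-Friday 09:00-18:00 local working day. The input is constructed, an imaginary operator at UTC+3 (assumed here as an Eastern European summer offset); the function names, the working-hour window and the tie-break rule are my own choices, not anything Symantec described.

```python
"""Working-hours analysis of attacker activity timestamps (added example)."""
from datetime import datetime, timedelta, timezone

WORK_START, WORK_END = 9, 18  # local working day is [09:00, 18:00)
UTC_FMT = "%Y-%m-%dT%H:%M:%SZ"


def parse_utc(ts: str) -> datetime:
    """Parse an ISO-8601 UTC timestamp such as '2014-03-04T06:15:00Z'."""
    return datetime.strptime(ts, UTC_FMT).replace(tzinfo=timezone.utc)


def in_working_hours(ts_utc: datetime, offset_hours: int) -> bool:
    """True if the event falls on Mon-Fri, 09:00-17:59 at UTC+offset_hours."""
    local = ts_utc.astimezone(timezone(timedelta(hours=offset_hours)))
    return local.weekday() < 5 and WORK_START <= local.hour < WORK_END


def score_offsets(timestamps, offsets=range(-12, 15)):
    """Map each candidate UTC offset to the fraction of events inside its working day."""
    events = [parse_utc(t) for t in timestamps]
    if not events:
        raise ValueError("no events to analyse")
    return {off: sum(in_working_hours(e, off) for e in events) / len(events)
            for off in offsets}


def best_offset(timestamps):
    """Return (offset, score) for the offset that best explains the activity.

    Ties are broken towards the offset closest to UTC, which is arbitrary;
    with a real data set report the full ranking rather than one winner.
    """
    scores = score_offsets(timestamps)
    off = max(scores, key=lambda o: (scores[o], -abs(o)))
    return off, scores[off]


def constructed_sample(offset_hours=3, weeks=2):
    """Constructed data (not real telemetry): an imaginary operator at
    UTC+offset_hours who is active every weekday hour from 09:00 to 17:59."""
    tz = timezone(timedelta(hours=offset_hours))
    monday = datetime(2014, 3, 3, tzinfo=tz)  # 3 March 2014 is a Monday
    stamps = []
    for day in range(weeks * 7):
        d = monday + timedelta(days=day)
        if d.weekday() >= 5:  # the imaginary operator does not work weekends
            continue
        for hour in range(WORK_START, WORK_END):
            local = d.replace(hour=hour, minute=20)
            stamps.append(local.astimezone(timezone.utc).strftime(UTC_FMT))
    return stamps


if __name__ == "__main__":
    sample = constructed_sample()
    ranking = sorted(score_offsets(sample).items(), key=lambda kv: -kv[1])
    for off, frac in ranking[:5]:
        print(f"UTC{off:+d}: {frac:.0%} of {len(sample)} events in working hours")
```

On the constructed input UTC+3 scores 100% and its neighbours UTC+2 and UTC+4 score 8/9, which is the shape a real working-day signal has: a peak with a shoulder an hour either side, not a single spike. Treat the result as one weak indicator, not attribution. Compile timestamps can be forged or zeroed, C2 traffic can be scheduled to mimic a foreign working day, fixed offsets ignore daylight-saving changes, and with only a handful of events the ranking is noise.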

Individual attacks can be blocked once they are recognized, and Symantec says it has alerted the relevant security response centers as well as the affected companies.

Source: Symantec via Engadget | Image via Shutterstock

I walked into a couple of offices yesterday to test a wireless NIC. They didn't know me and I didn't know them.
I asked for the key and SSID, just to test, and you know what? I was allowed to do so. Not a guest LAN, the actual LAN.
I didn't have any passwords etc. to the system, but I was on the network, which is stage 1.

While exploits and brute-force attacks etc. are certainly possible attack vectors, it is significantly easier to just ask someone for their login, as many people will simply tell you.

(I was actually just looking for an external net to prove a point to an end user who was arguing about some remote access issue and was not up to anything nefarious! I was expecting to be told no, and have to rig up a dummy SSID/VLAN combo, but figured it was worth the ask!)

Systems are only as secure as the weakest link, which is almost always the bit found between keyboard and chair.

C'mon folks... Aside from massive physical infrastructure disruption, most hacking is dealing with people and human engineering. Very little deals with what OS you use on your SCADA. If you think things through as a security professional, you can even secure the crappiest of systems. (Yes, wire cutters are still the best packet filter in the world.) When it comes to systems, "It's the connectivity, stupid!"

If you hire security-conscious employees, or train them to make good security decisions, your attack surface decreases substantially. Hire idiots and forget to train them, and anything is possible.

"Hello. Yes, this is dog... I can give you the launch codes."

Yeah, let's replace Windows with Linux, 'cause Linux is open source and much, much easier for hackers to exploit!
Linux has no viruses because, surprise, no one would waste his time hacking a system that's used by a minority!

Walmoo said,
Yeah, let's replace Windows with Linux, 'cause Linux is open source and much, much easier for hackers to exploit!
Linux has no viruses because, surprise, no one would waste his time hacking a system that's used by a minority!

Actually Linux is too easy to hack. There are literally thousands of unpublished exploits. It's no challenge anymore. There's always Apple, but what's a hacker going to do in a Mac? Steal all your tunes? Windows is becoming a bitch though.

Linux OSes are secure because the user does not run with root access by default, unlike Windows. Have a Linux OS where any user has root access and it will be just as vulnerable. Case in point: Android.

Sadelwo said,
Linux OSes are secure because the user does not run with root access by default, unlike Windows.

So in other words, user error. The first user created shouldn't be the one used on a daily basis because, as you say, it's made an administrator by default. It's been that way for a loooong time. Make a proper user account and then read up on proper security practices.

Besides, Linux and BSD systems are totally capable of running malware too. Just look at Windigo, the Phalanx rootkit (which even got kernel.org), etc., etc. Linux systems get compromised all the time.

Doesn't help when there's a very large number of systems that aren't being updated too, just look at the Heartbleed numbers for example. There's a very large number of vulnerabilities that get patched in the Linux OS, some of them quite severe, all the patches in the world won't save you if you don't actually install them.

Doesn't matter what OS the thing is running, this stuff doesn't just appear magically out of thin air. It's a combination of exploiting vulnerabilities in the OS and taking advantage of unsafe computing habits/gullible users/clueless admins... no OS can protect you from that.

Sadelwo said,
....Case in point: Android.

Android runs the user as root by default? Why the hell aren't I notified about these things?! /s

Sadelwo said,
Linux OSes are secure because the user does not run with root access by default, unlike Windows.

Are you reading from a list of "Windows isn't secure because..." from 2000 or something? Windows users, including Administrators, have not had "root" access by default since Windows Vista. In fact, you have to be a "super expert"* to go through the motions to turn UAC off to restore this level of insecurity.

* It's a well known fact that "super experts" turn off UAC in Windows.

I'm still left baffled as to why critical systems that operate infrastructure are even able to get malware on them.

They should be closed (or better, off-net) systems, and have little or no reason to have removable media used in them...

Raa said,
I'm still left baffled as to why critical systems that operate infrastructure are even able to get malware on them.

They should be closed (or better, off-net) systems, and have little or no reason to have removable media used in them...

EXACTLY!!! WTF!!!

cetla said,
Robbers are leaving people open to being robbed :)

I wonder why it is always "state sponsored"??

It seems that many times they must be security-software-company sponsored, to strike fear and force people to buy their software suites!!!