Symantec, the company that makes Norton Anti-Virus software, announced some very scary news yesterday about the security of the energy sector. The company said that a hacker group is targeting the worldwide energy industry, and the U.S. is a main target.
The hacker group is called Dragonfly and it's using malware to access and control computers at energy companies in the U.S. and Europe. Its two main malware tools are Backdoor.Odrea and Trojan.Karagany.
Big companies aren't the only ones at risk. Malware attacks are on the rise across the board.
Karagany is capable of uploading stolen data, downloading new files, and running executable files on an infected computer. It is also capable of running additional plugins, such as tools for collecting passwords, taking screenshots, and cataloging documents on infected computers.
Right now, it seems like the group is using its access for spying purposes, but it could cause actual damage to energy supplies and delivery if it wanted to.
It is even scarier to hear that Symantec thinks the hacker group is state-sponsored because of its level of expertise. The group even seems to work between 9 a.m. and 6 p.m. in an Eastern European time zone, like it's just an everyday job.
The Dragonfly group is well resourced, with a range of malware tools at its disposal and is capable of launching attacks through a number of different vectors. Its most ambitious attack campaign saw it compromise a number of industrial control system (ICS) equipment providers, infecting their software with a remote access-type Trojan. This caused companies to install the malware when downloading software updates for computers running ICS equipment.
Dragonfly is also using other techniques to install its malware on target computers. It has tried everything from sending infected emails to company executives to corrupting websites that people in the energy industry regularly visit.
If hackers can gain control of computers at some of the most secure companies in the world, then you know that your home or office could be vulnerable, too. You probably won't have to deal with an attack of this size, but Dragonfly is using some techniques that hackers use every day to break into personal computers and small businesses.
Make sure you keep your computer secure. Visit my security center to find the tools you need to protect your information.