Hackers belonging to a group known as Dragonfly 2.0 have gained access to energy systems in the US, Switzerland, and Turkey, according to a new report from security firm Symantec. The group can potentially sabotage or take control of energy infrastructure in these countries, possibly crippling it and causing massive disruption to businesses.
This breach bears a strong resemblance to an earlier hack carried out by a group dubbed Dragonfly. From 2011 to 2014, the group distributed customized malware using phishing campaigns. And it appears that Dragonfly 2.0 has pursued a similar distribution strategy, using phishing to infect systems and steal employee login credentials that give it access to the power grid.
As more critical infrastructure is connected to the internet, these sorts of hacks are becoming increasingly common. In some instances, the sole aim is disruption, like the attack on Dyn in October 2016 that crippled the internet in much of the US for nearly a day. In others, the motivation is political, such as when Russian hackers reportedly shut down Ukrainian power plants that provide electricity for nearly 200,000 people. And some are for monetary gain, like when a group used stolen NSA malware to attack hospitals in the UK and a number of other countries, locking doctors and staff out of medical record systems until they paid a ransom in bitcoin to get access to their patient files.
Symantec outlines a number of security guidelines that it recommends companies and utilities adopt in order to strengthen networks. Among these recommendations are the use of more complex passwords, defense systems that use multiple firewalls along with gateway and intrusion monitoring, and phishing education to prevent employees from inadvertently exposing the network to malware. Many IoT software vendors include a number of measures already, offering security tools like intrusion monitoring and network segmentation. But for legacy companies that are adapting facilities and software to allow for connectivity, vulnerabilities remain that could allow malicious actors to wreak havoc.