A series of over a hundred computer intrusions at dozens of Nuclear-plants and electric companies have been linked back to a hacking group named "Dragonfly" and "Energetic Bear". These groups have been previously linked to Russia according to a new report from the computer-security company Symantec. Symantec has observed around 100 breaches of energy facility computer systems since the start of 2017 alone and half of them were in the United States.
The security company Symantec says these cyber attacks are potentially very worrisome because Dragonfly is one of the few hacking groups with the expertise and capability to know out a power-grid control network. These power-grid control networks are computerized systems responsible for turning on and off circuit breakers. All of our current technological systems are reliant on computer controlled power grids from banking to electricity and the internet itself.
Another Russia-linked hacking operation has already demonstrated the Kremlin's ability and willingness to use their capabilities to cause electrical blackouts twice. Some are worried that we may see attacks on United States power-grids head in a similar direction. According to the Symantec report, "The original Dragonfly campaigns now appear to have been a more exploratory phase where the attackers were simply trying to gain access to the networks of targeted organizations."
The report concludes with, "the attackers may be entering into a new phase, with recent campaigns potentially providing them with access to operational systems, access that could be used for more disruptive purposes in future." So far, the attacks on U.S. computer systems have been geared towards collecting intelligence in the form of technical diagrams, passwords and other digital information of sensitive nature.
Tips? Info? Send me a message!