Hackers gain entry into U.S., European energy sector, Symantec warns
WASHINGTON (Reuters) – Advanced hackers have targeted US and European energy firms in a cyber-spying campaign that has in some cases effectively broken into the core systems that control the companies’ operations, according to investigators at the security firm Symantec. Malicious email campaigns have been used to gain entry into administrations in the United States, Switzerland, Turkey and likely other countries well, Symantec said in a report published on Wednesday. The cyber-attacks, which began in late 2015 but enlarged in occurrence in April of this year, are maybe the work of a foreign government and bear the hallmarks of a hacking group known as Dragonfly, Eric Chien, a cyber-security researcher at Symantec, said in an interview.
The research adds to concerns that manufacturing firms, counting power deliverers and other utilities, are susceptible to cyber-attacks that could be leveraged for unhelpful purposes in the event of a major geopolitical battle. In June the United State government warned industrial firms about a hacking movement aiming the nuclear and energy sectors, saying in an alert seen by Reuters that hackers sent phishing emails to harvest credentials in order to gain access to targeted networks. Chien said he assumed that alert likely referenced the same campaign Symantec has been tracking. He said dozens of companies had been targeted and that a handful of them, including in the United States, had been compromised on the operational level. That level of access meant that motivation was “the only step left” preventing “sabotage of the power grid,” Chien said.