AGL 40.02 Decreased By ▼ -0.01 (-0.02%)
AIRLINK 127.99 Increased By ▲ 0.29 (0.23%)
BOP 6.66 Increased By ▲ 0.05 (0.76%)
CNERGY 4.44 Decreased By ▼ -0.16 (-3.48%)
DCL 8.75 Decreased By ▼ -0.04 (-0.46%)
DFML 41.24 Decreased By ▼ -0.34 (-0.82%)
DGKC 86.18 Increased By ▲ 0.39 (0.45%)
FCCL 32.40 Decreased By ▼ -0.09 (-0.28%)
FFBL 64.89 Increased By ▲ 0.86 (1.34%)
FFL 11.61 Increased By ▲ 1.06 (10.05%)
HUBC 112.51 Increased By ▲ 1.74 (1.57%)
HUMNL 14.75 Decreased By ▼ -0.32 (-2.12%)
KEL 5.08 Increased By ▲ 0.20 (4.1%)
KOSM 7.38 Decreased By ▼ -0.07 (-0.94%)
MLCF 40.44 Decreased By ▼ -0.08 (-0.2%)
NBP 61.00 Decreased By ▼ -0.05 (-0.08%)
OGDC 193.60 Decreased By ▼ -1.27 (-0.65%)
PAEL 26.88 Decreased By ▼ -0.63 (-2.29%)
PIBTL 7.31 Decreased By ▼ -0.50 (-6.4%)
PPL 152.25 Decreased By ▼ -0.28 (-0.18%)
PRL 26.20 Decreased By ▼ -0.38 (-1.43%)
PTC 16.11 Decreased By ▼ -0.15 (-0.92%)
SEARL 85.50 Increased By ▲ 1.36 (1.62%)
TELE 7.70 Decreased By ▼ -0.26 (-3.27%)
TOMCL 36.95 Increased By ▲ 0.35 (0.96%)
TPLP 8.77 Increased By ▲ 0.11 (1.27%)
TREET 16.80 Decreased By ▼ -0.86 (-4.87%)
TRG 62.20 Increased By ▲ 3.58 (6.11%)
UNITY 28.07 Increased By ▲ 1.21 (4.5%)
WTL 1.32 Decreased By ▼ -0.06 (-4.35%)
BR100 10,081 Increased By 80.6 (0.81%)
BR30 31,142 Increased By 139.8 (0.45%)
KSE100 94,764 Increased By 571.8 (0.61%)
KSE30 29,410 Increased By 209 (0.72%)

imageWASHINGTON: Cyberattackers, probably state sponsored, have been targeting energy operations in the United States and Europe since 2011 and were capable of causing significant damage, security researchers said Monday.

The US security firm Symantec said it identified malware targeting industrial control systems which could sabotage electric grids, power generators and pipelines.

"The attackers, known to Symantec as Dragonfly, managed to compromise a number of strategically important organizations for spying purposes," Symantec said in a blog post.

"If they had used the sabotage capabilities open to them, (they) could have caused damage or disruption to energy supplies in affected countries," it added.

The researchers said this malware is similar to Stuxnet, a virus believed to have been developed by the United States or Israel to contain threats from Iran.

"Dragonfly bears the hallmarks of a state-sponsored operation, displaying a high degree of technical capability," Symantec said.

"Its current main motive appears to be cyberespionage, with potential for sabotage a definite secondary capability."

Symantec said the Dragonfly, also known as Energetic Bear, appeared to be an operation based in Eastern Europe based on the hours of activity of those involved.

It said one of the tools was a Trojan that appeared to have originated in Russia.

Officials in the US and elsewhere in recent months have expressed growing concerns about cyberattacks which could cripple critical infrastructure systems such as power grids, dams or transportation systems.

The Dragonfly group has used several infection tactics including spam email with malicious attachments, and browser tools which can install malware.

Once installed on a victim's computer, the malware gathers system information and can extract data from the computer's address book and other directories.

"The Dragonfly group is technically adept and able to think strategically," Symantec said.

"Given the size of some of its targets, the group found a 'soft underbelly' by compromising their suppliers, which are invariably smaller, less protected companies."

Symantec said it had notified victims of the attacks as well as relevant national authorities, such as the US Computer Emergency Response Team.

The affected companies were not named, but Symantec said targets of Dragonfly included energy grid operators, major electricity generation firms, petroleum pipeline operators, and energy industry industrial equipment providers.

Most targets were located in the United States, Spain, France, Italy, Germany, Turkey, and Poland.

Comments

Comments are closed.