More Than One Thousand Power Plants Found Compromised by Unknown Cyberattack
Gabriel Roşu / 3 years ago
Since the major topics nowadays are secret service cyber conspiracies and cyberattacks, the latest news points to another cyberattack aimed at more than one thousand power plants worldwide.
Symantec, a company specialising in software security, has apparently uncovered a malware campaign started by a group called Dragonfly, allowing remote access to computer systems from various power plants. Symantec stated that the group has used the malware only to spy on its victims, though serious damage could have been done as well.
A number of 1,018 organisations across 84 countries are stated to have been infected, spanning from grid operations to gas pipelines. It has later been discovered that Dragonfly’s base servers were based in Eastern Europe, leading to the conclusion that the group is of Russian origin. They reportedly used techniques spanning from garden pushing attacks, to campaigns targeting component manufacturers, allowing infections to take hold in any downstream system.
The comparison made against the infected systems led to the conclusion that the sophisticated Stuxnet virus has been used, something which the US previously used to damage nuclear power plants in Iran back in 2010. Up to this point, the real purpose of this major cyberattack is unclear.