
Western Energy Companies Under Sabotage Threat

Posted by timothy
from the shame-if-anything-was-t'-happen dept.
An anonymous reader writes: In a post published Monday, Symantec writes that western countries including the U.S., Spain, France, Italy, Germany, Turkey, and Poland are currently the victims of an ongoing cyberespionage campaign. The group behind the operation, called Dragonfly by Symantec, originally targeted aviation and defense companies as early as 2011, but in early 2013, they shifted their focus to energy firms. They use a variety of malware tools, including remote access trojans (RATs), and operate during Eastern European business hours. Symantec compares them to Stuxnet except that "Dragonfly appears to have a much broader focus with espionage and persistent access as its current objective with sabotage as an optional capability if required."
  • by Errol backfiring (1280012) on Tuesday July 01, 2014 @10:35AM (#47360025) Journal
    To bear the blame if things go wrong. Oh, you want quality? Sorry, in the modern everything-must-be-done-yesterday-at-no-cost IT sector, quality is usually not an option. There's no market for quality.
  • It's the Russians (Score:4, Insightful)

    by ziggystarsky (3586525) on Tuesday July 01, 2014 @11:12AM (#47360379)
    It's Russia because
    - UTC+4 is one time-zone east of Moscow;
    - it shifted to energy supplying firms with the beginning of the crisis in Ukraine (where Russia's gas deliveries are considered as its only trump)
    - it's either Russia or China in general
  • Re:No airgap? (Score:5, Insightful)

    by swb (14022) on Tuesday July 01, 2014 @11:13AM (#47360387)

    I've done a couple of projects with engineering companies including one at a power plant. From what I've seen, the thing that tends to lead from air gapping to lack of airgapping is support.

    The engineering companies don't have the IT infrastructure experience or skills in their engineering practice. They hired me to do basic stuff like SAN setup, switch configuration, VMware, etc.

    The engineering company is required to provide support for their subsystem for a period of a couple of years and this includes everything IT related. Their office is hundreds of miles from the plant so problems with the IT environment require them to fly someone out. This is expensive, the guy who goes out has limited troubleshooting and they turn to me.

    But they don't want to pay for my services on site, so ultimately they end up ungapping the environment so it can be supported with less cost. They have some security -- VPN only and possibly other restrictions which limit VPN connectivity, but they break the air gap.

    They could maintain the air gap, but it would cost money -- support and travel costs, etc.

    Ideally the engineering company would make IT systems part of their practice, but I think a lot of engineers have an "I'm an engineer" mentality which makes them think they're good at everything, so they see this as unnecessary. They could negotiate with the plant to engage their IT resources, but that would cost them money.

  • by alphatel (1450715) * on Tuesday July 01, 2014 @11:39AM (#47360619)

    I read it the same way. A well placed comma would go a long way...

    Or a properly placed quotation:

    The group behind the operation, called "Dragonfly" by Symantec
