Dragonfly malware proving a pest for thousands of energy companies

Security firm Symantec has discovered a malware attack that has compromised over 1,000 European and North American energy companies.

The hackers are thought to be part of a group known as 'Dragonfly', an eastern European collective that has been in operation since at least 2011 and has been targeting organisations that manage electrical, water, oil, gas and data systems since 2013.

Targets included energy grid operators and industrial equipment providers, and Symantec said that the group's "primary goal appears to be espionage."

A total of 84 countries were affected, with the US, Spain, France and Italy among the worst hit.

Dragonfly is believed to have used a variety of techniques to access computers, including attaching malware to emails, websites and third-party programs, giving it "the capability to mount sabotage operations that could have disrupted energy supplies across a number of European countries," according to the security firm.

Backdoor.Oldrea and Trojan.Karagany were both used by the hacking outfit to gather system information and upload stolen data, respectively.

Symantec described Dragonfly as bearing "the hallmarks of a state-sponsored operation, displaying a high degree of technical capability."

The attack draws comparisons to the Stuxnet computer worm in 2010, which reportedly ruined 20 per cent of Iran's nuclear power plants.