U.S. and European Energy Sectors Targeted by Dragonfly 2.0 Campaign

A ‘new wave’ cyber-attacks is targeting the European and North American energy segments. This cyber attacking group is known as Dragonfly, according to the research report publicized on Wednesday by the cyber security company Symantec.

These cyber-attacks are particularly focusing on the power grid and components related to it such as power transition, distribution, and generation.

The director of Symantec’s responsive division and security technology, Mr. Eric Chien expressed his views on these attacks by saying that the real worry in this situation is these attackers have operational access and they may carry out some kind of sabotage operation.

There are tracks left behind by the group’s attack all across the Europe, but the prime focus of these attacks has now been Turkey and the United States, according to the report by Symantec.

Both Chien and Symantec do not expect an imminent attack to sabotage the power grid systems, their research tells that there are no technical hurdles remaining for the group to face.
The research report claims that about a dozen of organizations across the United States were attacked and compromised. It also reports that only a handful of these organizations could see the activity on the operational part of the business – connection to machinery, sensors, and power grids – which really is a big cause of concern.

The group conducting these cyber-attacks has been around since 2011, but has now re-emerged with more power in the past two years. This reemergence is being called as the ‘Dragonfly 2.0’ campaign according the Symantec report and these attackers are now modifying their off-the-shelf-tools to make them very hard to track.

Ransomware Attacks Continue as New Waves Hit New Targets

A new type of ransomware has been making rounds around the world, very similar to the recent WannaCry. The cyber-attack was reportedly affecting Europe before it started to be seen across Asia and then the U.S. The attacks have managed to bring several government systems, port operators, and businesses to a standstill for several hours.

Indian Port Halts Operations after Attack
One of the terminals being operated by A.P. Moller-Maersk in India, at Mumbai’s Jawaharlal Nehru Port Trust. The terminal is a part of India’s larger port for containers and was left incapacitated for a long while, unable to load or unload containers for the time. The Gateway Terminal India facility could not track shipments and link them to their destinations either. The ransomware assaults are being linked to the new Petya virus, and those affected are being demanded as much as US$300 in purely cryptocurrency for every terminal that is affected.

Ransomware a Regular Thing?
The ransomware attacks that have been experienced over the past year are increasingly making it clear the ease with which attackers are becoming a regular thing in nearly all nations. Banks as well as retail businesses across the world are concentrating their defenses against the new wave of cyber thefts and attacks, safeguarding themselves and their clients’ sensitive data such as their credit card details. According to Kaspersky Lab, nearly 2,000 users or terminals have been affected across North America as of mid-Tuesday.

Businesses and government organizations in Russia and Ukraine are among the most severely affected.

Click for more information on Ransomware Protection Market