A Symantec blog article has details of an ongoing cyber-espionage campaign against a range of targets in the energy sector. The group (that Symantec named) Dragonfly has managed to compromise a number of strategically important (critical infrastructure) and could have caused damage or disruption. According to the article, among the targets of Dragonfly were energy grid operators, major electricity generation firms, petroleum pipeline operators, and energy industry industrial equipment providers. The majority of the victims were located in the United States, Spain, France, Italy, Germany, Turkey, and Poland.

This, again, highlights the importance of securing your industrial control systems (primarily SCADA systems). If you or your organization manages/owns critical infrastructure, get in touch with us to get a vulnerability assessment done to identify potential issues – we have extensive experience in this highly specialized area.