Suspected Russian hackers have stepped up cyber attacks on utilities in the U.S. and Europe and now have the potential to shut down operations, a tech security firm said in a report Wednesday.
The report by Symantec Corp., a website security firm, which echoed warnings from U.S. government agencies, said the energy sector in Europe and North America is being targeted by a new wave of cyber attacks “that could provide attackers with the means to severely disrupt affected operations.”
Symantec said the new wave of attacks is being carried out by a group called Dragonfly 2.0 — believed to be sophisticated Russian hackers — which targeted dozens of energy companies in the spring and summer of this year.
In more than 20 cases, the hackers successfully gained access to the target companies’ networks, giving them the potential for operational control and the ability to cut off electricity to U.S. homes and businesses, the Symantec report said.
“This ‘Dragonfly 2.0’ campaign, which appears to have begun in late 2015, shares tactics and tools used in earlier campaigns by the group,” the report said.
“In recent months, there have also been media reports of attempted attacks on the electricity grids in some European countries, as well as reports of companies that manage nuclear facilities in the U.S. being compromised by hackers,” Symantec said.
“The Dragonfly group appears to be interested in both learning how energy facilities operate and also gaining access to operational systems themselves, to the extent that the group now potentially has the ability to sabotage or gain control of these systems should it decide to do so,” the report said.
It said, “Symantec customers are protected against the activities of the Dragonfly group.”
Symantec did not name Russia in its report but noted that the attackers used code strings that were in Russian.
Other code used French, Symantec said, suggesting the attackers may be attempting to make it more difficult to identify them.