Security firm Symantec claims to have evidence that a new wave of attacks is taking aim at energy targets in Europe and North America with the intention of affecting operations.
The company said the group behind these attacks was known as Dragonfly and had been operating since about 2011. After having been identified by Symantec and other companies in 2014, the group had reappeared in 2015.
Symantec said it did not know the affiliation of the group. Attacks were of three types: phishing emails sent to employees of energy companies, bids to attract these individuals to watering holes that were infected, and the use of malicious emails to obtain network credentials.
iTWire has asked Symantec for the content of any one of these emails and also the URLs of some watering holes.
{loadposition sam08}The company said attackers had shown an interest in the energy sector since 2015, with Ukraine's power system suspected of being the target of such attackers. It also cited media claims of an attack on a grid in Ireland and about compromising companies that manage nuclear facilities in the US.
A distinct increase in the activity of attacks had been noticed this year, with "strong indications" of attacker activity in the US, Turkey and Switzerland.
The company did not clarify what it meant by "strong indications".
Symantec did not make any mention of the fact that many attacks in the US touted as "cyber war" have been attributed to animals, many of them to squirrels.