Hackers had access to SCADA systems of energy companies




Hackers have had large-scale access to the systems of several European and American energy companies, Symantec reports. For the time being the goal was espionage, but the security company says that the hackers were also in a position to do considerable damage.

The hackers reportedly operate under the flag of an organization that Symantec calls Dragonfly. They reportedly struck mainly at energy companies in France, Italy, Germany, Turkey, Poland, Spain and the United States. More than half of the information that was looted concerned businesses in the latter two countries.

Dragonfly reportedly focuses specifically on SCADA systems, industrial systems that are managed remotely via the Internet. SCADA stands for supervisory control and data acquisition and is a collective name for the management of, for example, sewers, power generation, manufacturing and oil pipelines. Tweakers previously wrote an extensive background story on this.

For their espionage campaign the hackers used a self-written trojan that was operated remotely, Symantec writes. They infected companies' computers after administrators had first been notified that updates were available for the SCADA system. As a result the criminals could not only gain insight into the company, but in extreme cases could even sabotage the system, with all the consequences that entails.

The trojan, named Oldrea by Symantec, collects information about files, installed programs and available drives. In addition, the program reads the Outlook address book and VPN configuration files on the computer, and sends all the gathered information in encrypted form to a server. The hackers also used a trojan, Karagany, with which attackers can gather passwords, take screenshots and map out documents on the local computer.

According to Symantec, the trojans ended up on a system in three ways. The first was an email with a malicious PDF file that came from a Gmail account. In addition, the hackers compromised websites of energy companies and placed an iframe on them that exploited vulnerabilities in Java and Internet Explorer. Finally, there was JavaScript code that gathered information about browser plugins. Based on the installed plugins, the most feasible exploit was then applied.

The exact motive of the hackers is not known. Symantec thinks they operate from Eastern Europe, because the malware was worked with mainly from Monday to Friday. The times were consistent with a working day in Eastern Europe.

