Apparently for the past three-years, a Eastern European cyber-espionage group has waged a campaign against US and European energy companies. The attackers have been aimed at granting attackers access to industrial control system networks that could be used to sabotage and disrupt energy supplies.
The group has earned the name “Energetic Bear” for its apparent Russian connection and focus on energy companies, The attack began in 2011, and the specialized malware has impacted 1,000 companies in 84 countries.
Whoever is behind the attacks, they have the hallmarks of being state-sponsored – including echoes of Stuxnet, the world’s first known cyber-weapon, which was deployed by the US and Israel to sabotage Iran’s nuclear fuel production facilities at Natanz four years ago.
Read more about this scary and fascinating “watering-hole” attack – named as such because the targets go to a reputable vendor site to get software that they need and unwittingly leaving with the malware. Yikes!