We are under attack! Malware targeting energy companies in the USA and Europe
Technology can be a wonderful thing. We live in quite the glorious time, where we have access to amazing medicines and computers. Science and technology have improved everyone's lives -- rich or poor, man or woman -- we all benefit.
Sadly and scarily, technology can harm us too. We have all become far too dependent on devices like smartphones and utilities like indoor plumbing and electricity. If you want to see the worst of humanity, look no further than a blackout. When there is a large-scale power-outage, society quickly breaks down. Friends and neighbors will turn on each other for a loaf of bread at a local bodega. Today, Symantec announces a malware discovery that targets energy companies, including in the USA. In other words, this malware has the potential to cause chaos and destroy society.
According to Symantec, a group of evil-doers called "Dragonfly" is conducting a cyberespionage campaign in the United States, Spain, France, Italy, Germany, Turkey, and Poland by utilizing two pieces of malware -- Backdoor.Oldrea and Trojan.Karagany. However, Oldrea seems to be the primary tool in the attacks.
"Once installed on a victim's computer, Oldrea gathers system information, along with lists of files, programs installed, and root of available drives. It will also extract data from the computer's Outlook address book and VPN configuration files. This data is then written to a temporary file in an encrypted format before being sent to a remote command-and-control (C&C) server controlled by the attackers", says Symantec.
The security company further explains, "Karagany is capable of uploading stolen data, downloading new files, and running executable files on an infected computer. It is also capable of running additional plugins, such as tools for collecting passwords, taking screenshots, and cataloging documents on infected computers".
Whoa. What makes this really scary is that these are not lax third-world countries being targeted, but very advanced nations including the USA. This is very reminiscent of the stuxnet virus which targeted Iranian power plants. While that virus has been rumored to have been created by the USA, that has never been proven 100 percent, despite strong beliefs by many. Symantec implies that Dragonfly may have government sponsorship, but that is not confirmed at this time.
The ramifications are startling. These hackers could be spying on us through the use of malware. Even worse, there is the potential for sabotage -- creating a disaster or disrupting the energy supply.
While we are lucky nothing horrible has happened yet, this should serve as a huge wake-up call to the fragility of the internet and society. A hacker that is successful in sabotage of power companies could potentially cause chaos. Like I said, something like a large-scale power outage can bring out the worst of humanity.
Are you frightened by this news? Tell me in the comments.