Russians Have Hacked Dozens Of US Energy Companies, Researchers Say
A hacker group linked to the Russian government has acquired an unprecedented level of access to companies that supply power to the US power grid, a cybersecurity firm says.
Symantec, a California-based firm that provides cybersecurity services and worldwide research against online threats, says the group, which it's nicknamed Dragonfly 2.0, may have compromisedmore than a dozen American companies in recent months.
Dragonfly - also called Crouching Yeti, or Energetic Bear, depending on which researcher you talk to - was an established hacker group that attacked energy sector targets around the world from at least 2011 until 2014, when it went quiet after its tactics were exposed by public research. Researchers at Symantec have declined to specifically cite Russia as the culprit, though they do say it's a state-sponsored attack. Researchers at other firms, like CrowdStrike and FireEye, have tied Dragonfly to the Russian government.
"This is the first time we've seen this scale, this aggressiveness, and this level of penetration in the US, for sure," Eric Chien, technical director of Symantec's Security Technology & Response Division, told BuzzFeed News.