Cybersecurity company Symantec has uncovered a vast hacking of hundreds of oil and gas companies in the United States, Spain, France, Italy, Germany, Turkey and Poland. The hacking appears to be the work of a group of Russian hackers referred to by Symantec as “Dragonfly.” Although such industrial espionage has been common for the last few years, it has become much more concentrated in the last six months. According to Symantec, the purpose of hacking into the computers of these companies is not to destroy oil rigs, power generators or other infrastructure, but rather to steal information about the operation of the victims’ companies, their technology and their trade secrets.

The manner in which the malware has been implanted by the hackers is particularly interesting, as it is indicative of a newer trend in such hackings. In the hacking of Target, Target was not hacked directly; instead, a third-party vendor of Target’s with less computer security was hacked, and the vendor’s access to Target’s computers was then used to infiltrate Target’s computer systems and download malware. Similarly, in this case Dragonfly initially hacked into the computer systems of a number of industrial control software developers whose programs were used by the targeted energy companies. By inserting the malware into the programs of the software developers, the hackers ensured that the malware was, in turn, passed on to the targeted energy companies when they downloaded the infected software from these vendors with whom they did business.

Another way that malware has been passed on to energy companies in recent years is through what are called “watering hole attacks,” in which the hackers infect a website frequented by the intended targets. When the intended victims visit the infected website, which may be that of a restaurant from which employees of the targeted company wish to order take-out food, they unwittingly download the malware onto their companies’ computers.
Corporations around the world have got to do a better job of protecting their computers. In addition to the risk to these companies of having their information stolen, which harms them in the competitive marketplace, the real risk of sabotage exists as well. Cyberterrorism aimed at crucial infrastructure such as utilities is a very real risk throughout the world. As for the rest of us, as individuals, we can also fall victim to the same kind of hacking, which may be used by hackers primarily interested in identity theft. The best protection for us as individuals is to make sure that our computers’ anti-malware and anti-virus software is up to date at all times. If you are particularly prudent, you may wish to restrict your financial information storage and financial transactions to a separate computer in your home so that if you do end up having the latest malware unwittingly installed on a computer that you use for other purposes, you will not run the risk of having your important personal information stolen.