Russia has been conducting cyber attacks on over 1000 energy and utility companies in the US and 83 other countries for the past 18 months.
The malware they've used, according the the Financial Times, “allows its operators to monitor energy consumption in real time, or to cripple physical systems such as wind turbines, gas pipelines and power plants at will.”
Security researchers confirmed on Monday that a vicious new cyberattack has compromised the computer systems of over 1,000 organizations in 84 countries. Dubbed “Energetic Bear,” the Stuxnet-like malware is largely targeting energy and utility companies. It's almost certainly from Russia.
This is scary stuff. Not only has the attack been going on for 18 months, it appears to be focused on targets in the United States and Europe. According to the Financial Times, the malware “allows its operators to monitor energy consumption in real time, or to cripple physical systems such as wind turbines, gas pipelines and power plants at will.” This is exactly the type of attack that the government's been (very vocally) worried about lately.
The malware's capabilities give us more reasons to be worried. The two main components of the attack include the use of remote access tool type malware that gives the attackers the ability to access information on the victim's computer networks as well as to steal data, collect passwords, take screenshots, and even download and run files. In effect, it sounds like they could take control over entire utility systems. Symantec, the makers of the Norton suite, says the malware's “main motive appears to be cyberespionage” but doesn't mention any major shutdowns. The company now has fixes in place for its customers.