Security Market Segment LS
Monday, 11 September 2017 12:01

Energy grid attacks no real threat: researcher


An independent security consultant has dismissed claims by Symantec that a new wave of attacks is taking aim at energy targets in the US and Europe, saying such probes are "meant to demonstrate capabilities, while offering no real threat to the distributed US energy grid".

James Scott, a senior fellow at the Institute for Critical Infrastructure Technology, said these so-called attacks constituted "show-of-force intelligence gathering and cyber-kinetic sabotage malware attacks against US Energy infrastructure".

He added that these attacks were "neither novel nor warrant mass-hysteria attempts by fearmongers seeking to exploit the incident for personal gain".

Last week, Symantec issued a detailed blog post in which it claimed a group, known as Dragonfly, had been carrying out three types of attacks: phishing emails sent to employees of energy companies, bids to attract these individuals to watering holes that were infected, and the use of malicious emails to obtain network credentials.

But, when asked, the company refused to provide either the content of any of these emails or the URL of a watering hole.

In a blog post, Scott said Dragonfly, which he described as an Eastern European threat actor also known as Energetic Bear, had targeted the defence and energy industries, and ICS equipment manufacturers from 2011 to 2014 in a manner that was suggestive of a state sponsor.

"Dragonfly specialises in targeting organisations with lackadaisical cyber security, cyber hygiene or IT-OT separation and tangential third-party networks that could be compromised as part of lateral-access attacks," Scott wrote.

But he said that the possibility of credible cyber kinetic sabotage attacks, while legitimate, were diminished by the distributed nature of the US energy grid.

"The redundancy systems in place, and the likelihood that the sophisticated adversary could adequately anticipate and prudently avoid the attentive response of US intelligence services" were other mitigating factors, he pointed out.

Scott said if Dragonfly was a Russian state-sponsored group, then the compromises could be a show-of-force meant to indirectly respond to recent sanctions placed on the sponsor. 

"If the group is mercenary, the campaign could be a demonstration of skill. In either case, while the capability exists, actual cyber-kinetic impacts similar to the Black Energy malware attacks against Ukraine, would do little other than draw the ire of the US and its allies," he said.

"Considering that Energetic Bear has only just re-emerged, the likelihood that it would substantiate an attack that would necessitate its immediate dispersion is minimal."

Please join our community here and become a VIP.

Subscribe to ITWIRE UPDATE Newsletter here
JOIN our iTWireTV our YouTube Community here


It's all about Webinars.

Marketing budgets are now focused on Webinars combined with Lead Generation.

If you wish to promote a Webinar we recommend at least a 3 to 4 week campaign prior to your event.

The iTWire campaign will include extensive adverts on our News Site and prominent Newsletter promotion and Promotional News & Editorial. Plus a video interview of the key speaker on iTWire TV which will be used in Promotional Posts on the iTWire Home Page.

Now we are coming out of Lockdown iTWire will be focussed to assisting with your webinatrs and campaigns and assassistance via part payments and extended terms, a Webinar Business Booster Pack and other supportive programs. We can also create your adverts and written content plus coordinate your video interview.

We look forward to discussing your campaign goals with you. Please click the button below.



iTWire TV offers a unique value to the Tech Sector by providing a range of video interviews, news, views and reviews, and also provides the opportunity for vendors to promote your company and your marketing messages.

We work with you to develop the message and conduct the interview or product review in a safe and collaborative way. Unlike other Tech YouTube channels, we create a story around your message and post that on the homepage of ITWire, linking to your message.

In addition, your interview post message can be displayed in up to 7 different post displays on our the site to drive traffic and readers to your video content and downloads. This can be a significant Lead Generation opportunity for your business.

We also provide 3 videos in one recording/sitting if you require so that you have a series of videos to promote to your customers. Your sales team can add your emails to sales collateral and to the footer of their sales and marketing emails.

See the latest in Tech News, Views, Interviews, Reviews, Product Promos and Events. Plus funny videos from our readers and customers.


Sam Varghese

Sam Varghese has been writing for iTWire since 2006, a year after the site came into existence. For nearly a decade thereafter, he wrote mostly about free and open source software, based on his own use of this genre of software. Since May 2016, he has been writing across many areas of technology. He has been a journalist for nearly 40 years in India (Indian Express and Deccan Herald), the UAE (Khaleej Times) and Australia (Daily Commercial News (now defunct) and The Age). His personal blog is titled Irregular Expression.

Share News tips for the iTWire Journalists? Your tip will be anonymous