Energy companies hit by cyber attack from Russia-linked group

June 30, 2014

Sam Jones

The industrial control systems of hundreds of European and US energy companies have been infected by a sophisticated cyber weapon operated by a state-backed group with apparent ties to Russia, according to a leading US online security group.

The powerful piece of malware known as “Energetic Bear” allows its operators to monitor energy consumption in real time, or to cripple physical systems such as wind turbines, gas pipelines and power plants at will.

The well-resourced organisation behind the cyber attack is believed to have compromised the computer systems of more than 1,000 organisations in 84 countries in a campaign spanning 18 months. The malware is similar to the Stuxnet computer programme created by the US and Israel that succeeded in infecting and sabotaging Iran’s uranium enrichment facilities two years ago.

The latest attacks are a new deployment of malware that was first monitored by IT security companies at the beginning of the year.

Early infections by Energetic Bear appeared to be based solely around espionage.

Symantec, a US cyber security company, said on Monday, however, that it had identified a virulent new “attack vector” designed to give the malware control over physical systems themselves.

READ MORE