A sophisticated cyber weapon has infected industrial control systems of hundreds of European and U.S. energy companies over the last 18 months,Sam Jones of The Financial Times reports.
Researchers first reported on the espionage operation, linked to the Russian government, in January.
Symantec, a U.S. cybersecurity company that uncovered more details, said it believes the group behind the attacks is “based in eastern Europe and has all the markings of being state-sponsored.”
Jones writes that the cyber weapon, dubbed “Energetic Bear,” allows its operators “to monitor energy consumption in real time, or to cripple physical systems such as wind turbines, gas pipelines and power plants at will.”
Symantec reported that the attackers first infected three leading specialist manufacturers of industrial control systems, then inserted the malware covertly into legitimate software updates that companies sent to clients.
The Specter Of Stuxnet
The malware is similar to Stuxnet, a virus created by the U.S. and Israel that infected Iran’s Natanz nuclear facility in 2007 and reportedly destroyed roughly a fifth of Iran’s nuclear centrifuges by causing them to spin out of control.
Stuxnet is the most powerful cyber weapon ever created, and cybersecurity expert Ralph Langer contends that the attack “changed global military strategy in the 21st century.” And it seems that Energetic Bear is the new reality of cyberwarfare.
“The sober reality is that at a global scale, pretty much every single industrial or military facility that uses industrial control systems at some scale is dependent on its network of contractors, many of which are very good at narrowly defined engineering tasks, but lousy at cybersecurity,” Langer wrote in Foreign Policy.
Symantec found that the attack has compromised the computer systems of more than 1,000 organisations in 84 countries. The main targets, which appear to be based on espionage, were in Spain and the U.S., followed by France, Italy, and Germany.
“To target a whole sector like this at the level they are doing just for strategic data and control speaks of some form of government sanction,” Stuart Poole-Robb, a former MI6 and military intelligence officer and founder of security consultancy KCS Group, told FT. “These are people working with Fapsi [Russia’s electronic spying agency], working to support mother Russia.”
NOW WATCH: Briefing videos
Business Insider Emails & Alerts
Site highlights each day to your inbox.