Russian hackers have allegedly gained access into core systems of some American companies that supply power to the U.S. power grid, in what is being called an unprecedented level of cyber penetration and intrusion.
A California research firm, Symantec, on Wednesday said the group Dragonfly 2.0 likely penetrated more than a dozen American and European companies.
Reuters reported Wednesday that the hackers used malware email campaigns as the entry point into systems in the U.S., Turkey, Switzerland and likely other countries.
Dragonfly is also known as Crouching Yeti and Energetic Bear, and while Symantec researchers declined to actually say the group is Russian, they do acknowledge it is a state-sponsored attack that used some Russian coding. Other research firms have said Dragonfly is tied to the Russian government.
“This is the first time we’ve seen this scale, this aggressiveness, and this level of penetration in the US, for sure,” Eric Chien, technical director of Symantec’s Security Technology & Response Division, exclusively told BuzzFeed News. “What we’re seeing is them getting into dozens, as far as we know, likely more, of organizations who are basically energy companies. We’re talking about organizations who are supplying power to the power grid.”
BuzzFeed also reported that the Department of Homeland Security (DHS) is aware of the cyber espionage.
“DHS is aware of the report and is reviewing it. At this time there is no indication of a threat to public safety,” DHS spokesperson Scott McConnell told BuzzFeed News, it reported. “As always, DHS supports critical infrastructure asset owners and operators who request assistance with intrusions or potential intrusions to their networks.”