Energy sector biz hackers are back and badder than ever before

Symantec is warning of a resurgence in cyber-attacks against firms in the energy sector by a group of hackers it calls Dragonfly. Dragonfly maintained a low profile for more than a year following exposure by Symantec and other researchers back in 2014 before a series of attacks over the last two years since December 2015. The …

  1. Mark 85

    Segmenting networks with firewalls, improved access controls and patching are needed to better defend infrastructure sector firms from potential attack, he added.

    Maybe I'm missing something but why not add, remove Internet access to such things as the generator controls, generator protection devices, etc. to the warnings? All the critical equipment should be on its own network without access to the Internet.

    1. Anonymous Coward

      All the critical equipment should be on its own network without access to the Internet

      You'd still need things like leased lines to run the SCADA. And against a nation state grade actor, tapping into a leased line is probably relatively easy. I'd expect that anybody wanting to target another country would have "plants" in the target country's telecom sector. Stuxnet didn't get into Iran's centrifuges via the internet, so it all begs the question, what are you seeking to protect from whom?

  2. Anonymous Coward

    There are standards...

    @Mark

    There are CIP (Critical Infrastructure Protection) standards in place today that address your concerns about network isolation, strong authentication, SCADA access, etc. (http://www.nerc.com/pa/Stand/Pages/CIPStandards.aspx)

    If you're feeling bored, browse through the 11 "Subject to Enforcement" standards - they're actually quite good and many have roots in the NIST guidance. The real question is whether they are being followed, how often audits are occurring, and the effectiveness of deterrents (fines) for failing to comply.

    Anyone who does get compromised and taken down is going to have some 'splaining to do, but that won't help those sitting in the dark.

  3. Anonymous Coward

    Risks of coming to El Reg

    I hope El Reg treats the 'watering hole' aspect with the attention it deserves.

  4. Anonymous Coward

    Squirrels are still winning

    With both Ukraine attacks + Stuxnet, that's still only 3 successful cyberattacks... squirrels are at 1000+...
