US cyber security firm Symantec has claimed a group it dubs ‘Dragonfly’ has attempted to hack energy grids around the world.
The group targeted energy companies in the United States and Europe and in some cases broke into core systems that control the companies’ operations.
The group uses malicious emails, software and websites to infect computers used by employees of energy companies.
For example, one campaign sent malicious emails disguised as an invitation to a New Year’s Eve party to targets in the energy sector in December 2015.
Once opened, the attached malicious document would attempt to leak victims’ network password and username to a server outside of the targeted organisation.
The Dragonfly group appears to be interested in both learning how energy facilities operate and also gaining access to operational systems themselves.
Symantec said the group now potentially has the ability to sabotage or gain control of these systems should it decide to do so.