A group known as Dragonfly, has gained access to the systems of several energy companies in United States, Turkey e Switzerland through attacks of Phishing to European and North American energy companies, which in some cases led to security breaches.
One of the tactics of hackers is to compromise Word files (which simulate company files with detailed information on the energy sector) with malicious code that steals passwords (passwords) and usernames when they are opened by workers.
According to researchers from Symantec, The criminals have not yet caused a power cut with the information acquired. The group appears to be interested in learning more about how energy companies work and gaining access to operating systems.
The group has been operating at least since 2011, but has re-emerged in the past two years after a period of calm that has been exposed by Symantec, which they call this “exploratory” phase. In January, a group of hackers managed to cut off electricity in Kiev, Ucrania, after having spent six months hiding in the computer network of Ukrenergo (the country's energy distributor) acquiring information and credentials.
