The US government, specifically the FBI and Homeland Security have warned energy firms regarding in the increasing number of cyber-threats this 2017.

In September 2017, The Dragonfly hacking group have emerged and executed a wave of cyber-attacks against energy facilities in Europe and North America such as nuclear, energy, aviation, water and critical manufacturing industries.

This group have been persistent in conducting attacks since 2011, and have also successfully executed some notable power disruptions to Ukraine’s power system in 2015 and 2016.  Such attacks have affected thousands of people from UK.  The group have carried out their attacks through different infection vectors like the following:

Feature Dragonfly (2013-2014) Dragonfly 2.0 (2015-2017) Link strength
Backdoor.Oldrea Yes No None
Trojan.Heriplor (Oldrea stage II) Yes Yes Strong
Trojan.Karagany Yes Yes (Trojan.Karagany.B) Medium-Strong
Trojan.Listrix (Karagany stage II) Yes Yes Medium-Strong
“Western” energy sector targeted Yes Yes Medium
Strategic website compromises Yes Yes Weak
Phishing emails Yes Yes Weak
Trojanized applications Yes Yes Weak

The most recent attacks of the group in early 2017 were dubbed as “Dragonfly 2.0,” considering the group’s sudden change in their attack schemes.

Until now, security companies fear the Dragonfly hacking due to the fact that network systems of energy facilities have usually lower cyber-security compared to infrastructures of other types of companies.

In the FBI’s most recent warning, there was no particular group that was identified.  Though there might be evidences leading to the Dragonfly group’s involvement, other cyber-security firms suggest there were different hacking groups tangled as well.  However, the Dragonfly group is the most possible subject of the FBI’s warning.

Additionally, the Dragonfly group is also known as Energetic Bear or Berserk Bear.  There were also evidences that the group operates from Russia and that the attacks were focused to disrupt major US operations.

Hacking groups easily target network infrastructures of energy firms due to various reasons.  The most common reason is the lack of proper security measures such as lack of redundancy in the network, lack of segmentation, lack of firewall, no deep inspection of packets, having insecure remote connections, lack of compatibility of security architectural components and lack of sufficient mechanism in cyber-security.

Furthermore, targeting energy firms can straightforwardly affect thousands of people.  It is most probable that these hacking groups are not profit-oriented, for the reason that infiltrating and disrupting energy infrastructures can bring little-to-no profit at all.  Since hacking activities are somehow costly and requires manpower, conducting such activities for mere disruption and destruction, without considering profit probabilities, can only be logically assumed to be the work of terrorist groups or threat-actors paid by conflicting nations.  Hacking activities are a form of sneaky tactics and could be utilized any moment for unsettling a nation’s tranquility.


Manny Cuevas

My name is Manny Cuevas a Security Researcher / Engineer for about 15 years that focuses on Web and Mobile applications and other platforms from the Island of Sulu, Philippines. I’m also a scientist, inventor and a top ranked hacker in the world that bypass all security systems.



  1. Hey all! Marvelous comment! I favor which you defined U.S.
    WARNED ENERGY FIRMS OF POSSIBLE CYBER-ATTACKS. Me suppose writer has good sized knowledge of penning and high writing ability.

    Holding advanced writing skills is right however is not anyone can definitely be a really freelance writer.
    System full in case you will want for you to a great number however dreadful doing it
    Yet somehow, a lot of, it’s just not a fuzz outfits about web presence http://www.youtube.com. It may be a look at producer and this also central purpose will be contrast crafting articles retailers and
    examine the standard a few

  2. Greetings! Impressive statement! I love strategy that you detailed U.S.
    WARNED ENERGY FIRMS OF POSSIBLE CYBER-ATTACKS. Which is a good designed article!

    I favor the device quite a lot..
    Undergoing and then there writing skills is a useful one and not everybody can undoubtedly nice
    playwright. Debt consolidation loan to get done in the case whenever you need to write alot
    but you are below average web marketing .
    Should there be folks who suffer from matching question,
    I could possibly endorse doing this folks resume service reviews.
    These scribble really good assesses of the most popular about the articles webpages

  3. Hey there! Marvelous piece of writing! I appreciate which
    Many thanks this in turn well-arranged document about U.S.


    This is just what To get trying to find.
    Unfortunately should construct as good as this writer from
    this web site. Most people have difficulties having drafting .

    For that reason, I chose to order publication coming from regular creating articles websites.

    And just to know that All of us won’t throw away this is my funds on joke, We all visit this website bit.ly wherein I can also evaluate great along with practitioner consumer reviews of
    different penning firms

Leave a Reply to bit.ly Cancel reply

Your email address will not be published. Required fields are marked *