• 40 mins OPEC Oil Deal Compliance Falls To 86%
  • 16 hours U.S. Oil Production To Increase in November As Rig Count Falls
  • 18 hours Gazprom Neft Unhappy With OPEC-Russia Production Cut Deal
  • 20 hours Disputed Venezuelan Vote Could Lead To More Sanctions, Clashes
  • 22 hours EU Urges U.S. Congress To Protect Iran Nuclear Deal
  • 24 hours Oil Rig Explosion In Louisiana Leaves 7 Injured, 1 Still Missing
  • 1 day Aramco Says No Plans To Shelve IPO
  • 4 days Trump Passes Iran Nuclear Deal Back to Congress
  • 4 days Texas Shutters More Coal-Fired Plants
  • 4 days Oil Trading Firm Expects Unprecedented U.S. Crude Exports
  • 4 days UK’s FCA Met With Aramco Prior To Proposing Listing Rule Change
  • 4 days Chevron Quits Australian Deepwater Oil Exploration
  • 4 days Europe Braces For End Of Iran Nuclear Deal
  • 5 days Renewable Energy Startup Powering Native American Protest Camp
  • 5 days Husky Energy Set To Restart Pipeline
  • 5 days Russia, Morocco Sign String Of Energy And Military Deals
  • 5 days Norway Looks To Cut Some Of Its Generous Tax Breaks For EVs
  • 5 days China Set To Continue Crude Oil Buying Spree, IEA Says
  • 5 days India Needs Help To Boost Oil Production
  • 5 days Shell Buys One Of Europe’s Largest EV Charging Networks
  • 5 days Oil Throwback: BP Is Bringing Back The Amoco Brand
  • 5 days Libyan Oil Output Covers 25% Of 2017 Budget Needs
  • 5 days District Judge Rules Dakota Access Can Continue Operating
  • 6 days Surprise Oil Inventory Build Shocks Markets
  • 6 days France’s Biggest Listed Bank To Stop Funding Shale, Oil Sands Projects
  • 6 days Syria’s Kurds Aim To Control Oil-Rich Areas
  • 6 days Chinese Teapots Create $5B JV To Compete With State Firms
  • 6 days Oil M&A Deals Set To Rise
  • 6 days South Sudan Tightens Oil Industry Security
  • 7 days Over 1 Million Bpd Remain Offline In Gulf Of Mexico
  • 7 days Turkmenistan To Spend $93-Billion On Oil And Gas Sector
  • 7 days Indian Hydrocarbon Projects Get $300 Billion Boost Over 10 Years
  • 7 days Record U.S. Crude Exports Squeeze North Sea Oil
  • 7 days Iraq Aims To Reopen Kirkuk-Turkey Oil Pipeline Bypassing Kurdistan
  • 7 days Supply Crunch To Lead To Oil Price Spike By 2020s, Expert Says
  • 7 days Saudi Arabia Ups November Oil Exports To 7-Million Bpd
  • 7 days Niger Delta State Looks To Break Free From Oil
  • 8 days Brazilian Conglomerate To Expand Into Renewables
  • 8 days Kurdish Independence Could Spark Civil War
  • 8 days Chevron, Total Waiting In The Wings As Shell Mulls Majnoon Exit

Breaking News:

OPEC Oil Deal Compliance Falls To 86%

India’s Urban Explosion Boosts Oil Demand

India’s Urban Explosion Boosts Oil Demand

As India sees incredible growth…

U.S. Urges Energy Companies To Be On Guard Against Russian Cyberattacks

The U.S. Department of Homeland Security (DHS) is urging operators of the country’s critical infrastructure to check their computers carefully against the possibility they’ve been infected with malicious software from a group of hackers who are believed to be Russian.

The group is known to private malware researchers as “Energetic Bear” because it operates during Russian working hours and mostly targets Western energy companies. The U.S. security firm Symaec and F-Secure of Finland report that the group was responsible for an effort to implant the Havex Trojan infect in their victims’ computers.

On July 1, DHS’s Industrial Control Systems Cyber Emergency Response Team, or ISC-CERT, encouraged the companies to ensure that they already hadn’t been infected and offered specific steps on preventing such attacks.

According to a Symantec report on June 30, Havex is what is known as a “remote access Trojan,” or RAT, malware that secretly enters a computer to give hackers control of the machine. Symantec and F-Secure say the malware ordinarily is used only for spying, but can be modified to sabotage a machine.

In fact, Keven Haley, the director of security response at Symantec, told The New York Times that there’s no evidence that Energetic Bear is bent on eventual sabotage, but merely want to get a better understanding of how the victim companies operate. Still, he cautioned, “[T]he potential for sabotage is there.”

Symantec, F-Secure and DHS have not identified the victims of the attacks except to say they’re in the energy and other industrial fields. They said the attacks have hit at least 1,018 companies in 84 countries, though some infections could be accidental. Most of the infections were in Spain, followed by the United States, France, Italy and Germany.

Related Article: You Won't Believe How Off-Target Grid Security Really Is

The attacks consist of flooding victims with e-mails carrying malicious attachments or hyperlinks. But Energetic Bear also targets websites that are likely to be visited by the companies’ employees. In such “watering hole attacks,” as they are known, the hackers infect a website frequented by the employees, such as the online menu of a nearby restaurant, which then infects the employee’s computer.

A frightening aspect of the Energetic Bear attacks is that they do more than tamper with a computer’s software, which can be fixed relatively easily. Symantec says these hackers often go to the machine’s physical core called the BIOS, or “basic input/output system,” which ultimately renders the computer unusable.

The Energetic Bear attacks resemble Operation Olympic Games, a series of reported attacks by the United States and Israel against Iran. The campaign used the Stuxnet virus in July 2010 to sabotage Iran’s uranium enrichment plants in what Symangec calls “the first known major malware campaign to target [industrial control] systems.”

By Andy Tully of Oilprice.com



Join the discussion | Back to homepage

Leave a comment

Leave a comment

Oilprice - The No. 1 Source for Oil & Energy News