Security firm Symantec has discovered a large-scale hacking campaign responsible for successfully infiltrating the computer systems of more than a thousand power plants across the United States and Europe.
In a blog post published on the company’s website Monday, Symantec said the group of attackers, dubbed “Dragonfly,” used a malware campaign to spy on systems operations, but could have taken the remote-access hack a step further and manipulated those systems to cause serious damage.
Everything from grid operators to gas pipelines across 1,018 organizations primarily in the United States, Spain, France, Italy, Germany, Turkey, and Poland were infected. Dragonfly employed a variety of attacks from basic phishing emails all the way to targeting component manufacturers, the parts from which would then infect systems further downstream.
According to the Symantec post, Dragonfly’s attack draws similarities to the highly effective Stuxnet virus developed and deployed by the U.S. against Iran, which inflicted serious damage against the country’s nuclear power plants in 2010.
Control servers used by the group have been traced back to Eastern Europe, leading some to speculate the sophisticated attacks originated in Russia. The reason for the attack remains unclear.