Russian Hackers – a Threat to Power Companies


Monday July 14, 2014

Written by: Captain Planet

The group most recently known as Energetic Bear, previously called Dragonfly, are using malware to infiltrate the industrial control systems of Western energy companies. Over recent months they have targeted petroleum pipeline operators, grid operators, major electricity generation firms and other strategically important energy companies.

Security firm Symantec believe that the Russian government may be backing Dragonfly, explaining “Dragonfly bears the hallmarks of a state-sponsored operation, displaying a high degree of technical capability.”

Attacking Monday to Friday between the hours of 9am and 6pm, Dragonfly is thought to have compromised more than 1,000 company’s computer systems to spy on them – they have not yet attempted sabotage. If they were to, they could cause serious disruption to energy supplies.

The attacks have gone on for 18 months, the worst seeing remote-access type Trojans used on numerous industrial control systems. Dragonfly seem to be using similar tactics to those used in Stuxnet attacks, which are believed to have infiltrated Iran’s uranium enrichment facility. It is believed the US were to blame for the 2010 attacks, which temporarily disabled 1,000 centrifuges that were being used to enrich uranium by Iran.

It is believed that Dragonfly use traps set on ‘watering hole’ sites, sites that are trusted by the company targeted and therefore likely to be frequented, to infect the energy companies. This form of cyber-attack is associated with espionage attacks.


Dragonfly have been known to be operating since 2011, when they were targeting defence and aviation companies in the US and Canada. In 2013 they began to attack US and European energy firms, receiving the newer name of Energetic Bear.

 Countries that have been effected by Energetic Bear's attacks

Pie Chart: Countries that have been effected by Energetic Bear’s attacks

Although there is, of course, a future risk of sabotage, so far it seems that the malware is being used to spy, rather than sabotage. The Russian government aren’t strangers to cyber spying, with FAPSI (Russia’s Federal Agency of Governmental Communications and Information) being the equivalent of America’s National Security Agency.


Get Your Anonymous T-Shirt / Sweatshirt / Hoodie / Tanktop, Smartphone or Tablet Cover or Mug In Our Spreadshirt Shop! Click Here



  1. Get into world war control systems and shut them down without there control systems they can’t make war. Order the military to take down there own government in each country a military power exists. IE the world and order the military to hand power back to the people. After government is cleaned of the corresponding corrupt people running the show for there own greed.

    • I always wonder if there are any good men left in our military who would take down these evil elites. I would personally volunteer to have my guts removed and surgically implant a bomb into my abdomen and walk into a building were the elites are and set it off. That’s how serious the situation is, they must be stopped.

  2. J aimerai qu on sous titre les reportage ou plublication en francais si c est possible.
    J aimerai donnee mon avis sur certains sujet merci d avance

  3. That’s the purpose of these attacks. To show our corrupted elected officials that they should fear the people. Not the other way around!


Please enter your comment!
Please enter your name here