US companies warned against ‘Energetic Bear’ virus

3 July 2014
By Tereza Pultarova
Mobile version
Share |
A hacking group known as Energetic Bear has reportedly targeted 1,018 organizations across 84 different countries

A hacking group known as Energetic Bear has reportedly targeted 1,018 organizations across 84 different countries

The US government has warned critical infrastructure operators to make sure their systems haven’t been infected with malicious software from a hacking group known as Energetic Bear.

The group has been identified by cyber-security researchers as being responsible for a widespread attack using malicious software known as the Havex Trojan. The virus was spotted by researchers with F-Secure of Finland and Symantec of the United States, who believe Energetic Bear is using the malware to infect energy and industrial firms around the world.

Havex is a Remote Access Trojan, or RAT, that grants hackers control of an infected machine. While RATs are typically used for espionage, they can be used for other purposes, including downloading other malicious tools onto compromised machines.

The researchers believe Energetic Bear may have connections with the government of Russia.

Earlier this week, the US Department of Homeland Security's Industrial Control Systems Cyber Emergency Response Team (ICS-CERT) advised critical infrastructure operators to tighten security, and provided them a list of specific steps to better protect their systems. It also asked them to check to see if their systems had been infected.

"ICS-CERT strongly recommends that organizations check their network logs for activity associated with this campaign," Department of Homeland Security said in an alert on its website Tuesday. "Any organization experiencing activity related to this report should preserve available evidence for forensic analysis and future law enforcement purposes."

The request follows another alert last week on Havex from ICS-CERT, which said that the agency and F-Secure had learned that the malicious software was designed to send a map of the network infrastructure back to the hackers' command-and-control server.

F-Secure, Symantec and the Department of Homeland Security declined to identify companies whose systems were infected, though they said they were in the energy and industrial sectors.

F-Secure and Symantec said they believed the malicious software had so far only been used for spying, but that it had the capability to be used for sabotage.

"They are scanning and mapping out industrial control system networks," said F-Secure researcher Sean Sullivan. "They are probably passing on the ones that are of interest to other groups."

The Energetic Bear gang was first identified in January by researchers with cyber-security firm CrowdStrike, which said the group was linked to the Russian government and was focused on espionage.

Symantec said 1,018 organizations across 84 different countries had been hit by the operation, though not all countries were known and some infections might be accidental.

The security software maker said it believed the intended targets of the group were in the energy and industrial sectors. Geographically, the most activity was in Spain, followed by the United States, then France, Italy and Germany.

Latest Issue

E&T cover image 1607

"As the dust settles after the referendum result, we consider what happens next. We also look forward to an international summer of sport."

E&T jobs

  • Skilled Electrical Fitter

    MBDA
    • Bolton
    • Competitive Salary & Benefits

    What?s the opportunity?   The Electrical Fitter will carry out manufacturing and test tasks within the electrical department in accordance with product certification procedures, defined workmanship  ...

    • Recruiter: MBDA

    Apply for this job

  • Electrical Manufacturing Technician

    MBDA
    • Stevenage
    • Competitive Salary & Benefits

    What?s the opportunity?   As a qualified craftsman with experience in electrical manufacturing, the Manufacturing Technician will report to a Team Leader, receiving day to day ...

    • Recruiter: MBDA

    Apply for this job

  • Electrical Design Engineer

    Oxford Instruments
    • Yatton, Bristol
    • Competitive salary plus excellent benefits

    We are looking for an electrical designer to join our engineering design team.

    • Recruiter: Oxford Instruments

    Apply for this job

  • Consultant Engineer (Electrical Power)

    BAE Systems
    • Cumbria, Barrow-In-Furness, England
    • Negotiable

    Consultant Engineer (Electrical Power) Would you like to play a key role in providing technical direction to the design of power systems on the Successor class submarines, which will replace the current Trident-equipped Vanguard class, currently in servic

    • Recruiter: BAE Systems

    Apply for this job

  • Electrician

    The Bristol Port Company
    • City of Bristol
    • C. £31,729 per annum plus supplements, benefits and overtime

    You’re a good team worker with a strong technical capacity – so bring your talents to a new role with one of the area’s leading employers.

    • Recruiter: The Bristol Port Company

    Apply for this job

  • Supply Restoration Team Manager (HV/SAP)

    SSE
    • Oxford, Oxfordshire
    • Salary: £37,588 to £49,645 + Car (SSE8) Depending on skills and experience

    SSE is looking to recruit a Supply Restoration Team Manager to join our existing team in Oxford.

    • Recruiter: SSE

    Apply for this job

  • Electrical Technical Lead - Global Operations, Engineering & Laboratory

    Pfizer Ltd
    • Kent

    An exciting opportunity has arisen to join a dynamic team of professional engineers, supporting the development of novel drugs.

    • Recruiter: Pfizer Ltd

    Apply for this job

  • Supply Restoration Team Manager (HV/SAP)

    SSE
    • Oxfordshire
    • Salary: £37,588 to £49,645 + Car (SSE8) Depending on skills and experience

    SSE is looking to recruit a Supply Restoration Team Manager into our office in Oxford.

    • Recruiter: SSE

    Apply for this job

  • Electronics & Control Systems Engineer

    Frazer-Nash Consultancy Ltd
    • Bristol, Burton, Glasgow, Plymouth, Warrington
    • £ Competitive + Benefits

    We are seeking talented Electronics Engineers at all career levels.

    • Recruiter: Frazer-Nash Consultancy Ltd

    Apply for this job

  • Control and Instrumentation Engineers

    Frazer-Nash Consultancy Ltd
    • Bristol, Burton, Glasgow, Gloucester
    • £ Competitive + Benefits

    Frazer-Nash is currently embarking on a period of significant growth of our electrical, electronics, control and instrumentation capability.

    • Recruiter: Frazer-Nash Consultancy Ltd

    Apply for this job

More jobs ▶

Subscribe

Choose the way you would like to access the latest news and developments in your field.

Subscribe to E&T