A hacking and cyberespionage group is currently targeting industrial control systems at energy companies. According to a survey by Symantec they have broken into 27 corporate networks so far. The Dragonfly group, also known as Energetic Bear is using spear phishing campaigns and malware-infected websites to collect credentials for corporate networks. Dragonfly has been active since at least 2011 and was exposed by security analysts in 2014. Afterwards, the group seemed to go underground and has only recently emerged again in the public eye. Symantec researchers refer to the current attacks as “Dragonfly 2.0” because they replicate many aspects of the previous attacks. The attacks target industrial control systems (ICS) which belong to companies that operate pipelines, generate electricity, and other energy-related companies. The Dragongly group appears to be particularly active in Switzerland, Turkey and North America.
The growing popularity of cloud services coupled with security concerns is driving demand for managed VPNs. In particular, the success of public cloud services is gradually encouraging more enterprises to move away from conventional remote network access methods in favor of cloud-based remote access. Providing remote access via the public cloud brings organizations multiple advantages including ease of management, flexibility and lower costs. However, opinions are divided over the level of security it affords. Most users of public cloud services consider security a primary benefit. Yet mistakes can and do happen, leading to high profile consequences. One aspect of cloud management technology that is not in dispute is its capacity to simplify secure VPN connectivity for large numbers of remote workers.
Sometimes it’s hard to believe the stories we read. In the case of CEO fraud incidents, cybercriminals earn double-digit sums in the millions by persuading employees that they are acting on behalf of the CEO or another senior manager. Employees then transfer the required amount to an alleged account of a partner or supplier, based only on an e-mail or telephone request without seeking reassurance. CEO fraud follows a similar method to telephone cons targeting the elderly but causes significantly higher financial damage. In mid-2016, an international network was unraveled which was alleged to have earned USD 60 million through the cybercriminal methods of Business Email Compromise (BEC) and CEO fraud. Similar attacks are now occurring on a daily basis in Germany, with similar dramatic consequences.