Russian-Based Dragonfly Group Attacks Energy Industry

Event Year: 2014 Reliability: Confirmed
Country: United States
Industry Type: Power and Utilities

Dragonfly a group that has been operating since at least 2011, first started by targeting defense and aviation companies in the U.S. and Canada. In 2013, the group moved their focus into the U.S. and European energy firms. Dragonfly gains entry through these methods:
1. spear phishing emails delivering malware
2. watering hole attacks that redirected visitors to energy industry-related websites hosting an exploit kit
3. infecting legitimate software from three different ICS (industrial control systems) equipment manufacturers
As of now Dragonfly’s main motive seems to be cyber-espionage, with a likelihood of sabotage in the future.


With a growing dependencies on energy, if Dragonfly were to take action with the information it has already been able to access, this group could do a lot of damage to the U.S. and Western Europe. A possible outcome from an attack on our utilities could cripple manufactures that supply their armies with food and other crucial items.