Friday, July 04, 2014: The US govt has warned against malicious software from the Russian hacking group “Energetic Bear”. This warning is highly serious for critical infrastructure operators and asked them to review their computer networks. The Department of Homeland Security’s Industrial Control Systems Cyber Emergency Response Team (ICS-CERT), issued the warning after researchers with F-secure of Finland and Symantec Corp of US believes that it is a campaign to infect energy and industrial firms around the world with malicious software Havex Trojan.
ICS-CERT has advised all operators to tighten the security and provided them with a list of steps to be followed, in order to protect their business better. “ICS-CERT strongly recommends that every organisation must check their network logs for any activity related to this campaign,” said, DHS in an alert. Havex Trojan is a remote access trojan which allows hackers to gain control of the infected machine. It can be used for other purposes as well, like downloading malicious tools on compromised machines.
Experts say that this Trojan is being used for spying purpose only but it has potential of complete sabotage also. The intended targets of this particular group are- Spain, United States, France, Germany and Italy. Symantec said that 1,018 organisations across 84 countries had been hit by this malware.