Public utility companies and federal governments need to be more aware to the real threat of cyberattacks, with criminals reaching new levels of network penetration. Following suspicions of a cyberattack, companies need to conduct an in-house and third-party security audit to determine how the incident occurred.
It was previously noted that public utility companies struggling to meet growing cyberattack threats - but the realization that eastern European hackers were able to compromise oil and gas companies as part of "Dragonfly" provides a more frantic view of cybersecurity. The U.S. government is mulling over stricter regulations to force utility companies to be more careful with network connections and security from outside threats.
"These infections not only gave the attackers a beachhead in the targeted organizations' networks, but also gave them the means to mount sabotage operations against infected (industrial control system) computers," Symantec noted.