Dragonfly Cyber Threats: A Case Study of Malware Attacks Targeting Power Grids
Keywords:Dragonfly; Critical Infrastructure; Industrial Control System; SCADA; Malware Attacks
The Energetic Bear group, also known as Dragonfly, is a collection of cyber attackers that have successfully infiltrated the critical infrastructure of American and European governments. They have been identified as the primary suspects in one of the most severe instances of cyber espionage in the history of the United States, utilizing Advanced Persistent Threat (APT) tactics for their operations. Through a variety of techniques, such as social engineering, Trojanized software, and watering hole attacks, the group has targeted its victims. This paper uses the group's attack scenario as a case study for cyber-attacks on power grids, presenting the methods used by the group. The paper also includes an analysis of the malware samples used by the group and provides forensic findings.
How to Cite
This is an open Access Article published by Research Center of Computing & Biomedical Informatics (RCBI), Lahore, Pakistan under CCBY 4.0 International License