Symantec researchers discovered the widespread incursions and have warned of escalating attacks.
Ars Technica reports:
Nation-sponsored hackers have penetrated the operational networks multiple US and European energy companies use to control key parts of the power grid that supplies electricity to hundreds of millions of people, researchers warned Wednesday.
The incursions detected by security firm Symantec represent a dramatic escalation by a hacking group dubbed Dragonfly, which has been waging attacks against US and European energy companies since at least 2011. In 2014, Symantec reported that Dragonfly was aggressively establishing beachheads in a limited number of target networks, mainly by stealing the user names and passwords used to restrict access to legitimate personnel. Over the past year, the hacking group has managed to compromise dozens of energy firms and, in a handful of cases, install backdoors in the highly sensitive networks the firms use to supply power to the grid.
"What's most concerning is we now see them intruding on operational networks of energy companies," Eric Chien, technical director of Symantec's security response and technology division, told Ars.