From a Symantec article: “The energy sector in Europe and North America is being targeted by a new wave of cyber attacks that could provide attackers with the means to severely disrupt affected operations. The group behind these attacks is known as Dragonfly. The group has been in operation since at least 2011 but has re-emerged over the past two years from a quiet period following exposure by Symantec and a number of other researchers in 2014. This “Dragonfly 2.0” campaign, which appears to have begun in late 2015, shares tactics and tools used in earlier campaigns by the group.”
Bleeping Computer reports a new worm (hyena pack) in the wild that uses not only the same two NSA tools that WannaCry used, but also five more. What’s more is that the new worm lacks the kill switch that hacker developers inexplicably placed in the original WannaCry worm, and possibly scariest of all, it has no immediate destructive payload. Presently, it’s just… spreading. I know that doesn’t sound that bad… like a spreading cold virus that doesn’t make you sneeze… but I shouldn’t have to explain that a compromised system is a compromised system. No matter how dormant it may be now, it may not be so dormant tomorrow.