Last fall, energy companies in several countries, including Germany and the United States, found out via a cybersecurity report from Symantec that hackers had figured out a way to breach their infrastructures.
These hackers could potentially switch off the power grids at those establishments and wreak havoc on their computer systems.
Now, more recent news includes allegations that Russia was the country behind the scheme.
Hans–Georg Maassen is the president of the Federal Office for the Protection of the Constitution, which is Germany’s domestic intelligence agency. He says there are numerous aspects about the incident — including the way it was carried out — that indicate potential involvement by the Russians.
The Berserk Bear Attack
This June, Germany’s cybersecurity agency, BSI, called the German power company attack “Berserk Bear.” Although BSI only named the issue recently, it became aware of it last year and said it had only managed to break inside the networks of a few companies related to German energy and electricity. Moreover, BSI says those previously infiltrated networks are now locked down.
Maassen declined to specify how many companies the hackers initially targeted when carrying out their attempts.
Russians Deny Involvement
In light of this development, Dmitry Peskov, a spokesman for the Kremlin, said he didn’t know what Maassen was talking about regarding the links to Russia when asked to comment on the matter.
Similarly, Maria Zakharova, a person associated with the Russian foreign ministry, seemed to take issue with the vagueness of Maassen’s stance. She stated: “(Germany) should give facts.”
This isn’t the first time Germany has had its eye on Russia in association with suspected hacking. After the alarm was raised about Russian interference in the U.S. presidential election, German officials began pondering if the same thing could happen in their country.
Unlike the United States, Germany does not use voting machines with internet connections. Even so, representatives knew it was necessary to remain vigilant against possible manipulation of the democratic process from outside influencers.
However, details have not emerged about whether the attack on the energy companies was similar to what happened in the U.S. elections.
Lying in Wait
Information from Symantec about the Berserk Bear attacks mentioned they were concentrated in Ukraine and Turkey.
They involved tricking energy company employees into opening Word documents that acted as harvesters for sensitive details, including email addresses and credentials that could be used for access to a company’s energy grids.
Specifics also clarified there was no evidence of the hackers modifying the machines they broke into. The goal was seemingly to gather insights about system operations that hackers could later use to orchestrate massive attacks and those motivated by political events, in particular.
The hackers collectively referred to under the Berserk Bear moniker are also sometimes called Dragonfly, and cybersecurity groups, including CrowdStrike, also brought up Russia as a country possibly behind the attacks. They said there could be a desire to get information about the energy infrastructures of countries to use that knowledge for diplomatic gain.
Adam Meyers, vice president of intelligence at CrowdStrike, pointed out that if Russia was involved in some of the energy company hacks in other nations, the Dragonfly hackers might have set their sights on Turkey. This is because representatives in Ankara shot down a Russian plane believed to be in its airspace.
Details Are Still Scarce
Maassen has not gone into depth about his beliefs about Russian involvement in the Berserk Bear attacks, which means all people can do until he reveals more specifics about his allegations is speculate.
This is not the first time Maassen has connected Russia to a suspicious attack. However, he’d likely not have stepped into the spotlight by giving a public statement about his beliefs without something substantial to back them up.
Hopefully, that means people will know more details soon.