| Property | Value |
|---|---|
| gptkbp:instanceOf | gptkb:cybercrime |
| gptkbp:activeYearsStart | 2010s |
| gptkbp:alsoKnownAs | gptkb:Energetic_Bear; gptkb:Dragonfly; Crouching Yeti |
| gptkbp:attributedTo | gptkb:US_Department_of_Homeland_Security; gptkb:FBI; private cybersecurity firms |
| gptkbp:countryOfOrigin | gptkb:Russia |
| gptkbp:enemyOf | gptkb:cybercrime; supply chain attack; watering hole attack |
| gptkbp:industry | gptkb:energy; critical infrastructure; industrial control systems |
| gptkbp:motive | gptkb:intelligence_gathering; espionage |
| gptkbp:notableBattle | attacks on US and European energy companies |
| gptkbp:notableFor | 2014; 2017; 2020 |
| gptkbp:notableOperation | Dragonfly 2.0; attacks on European energy sector; attacks on US critical infrastructure |
| gptkbp:notableTool | custom malware; remote access trojans; Havex; credential stealers |
| gptkbp:notableVictim | gptkb:government_agency; European energy companies; German utilities; US energy companies |
| gptkbp:relatedTo | gptkb:Sandworm_Team; gptkb:APT28; other Russian APT groups |
| gptkbp:suspect | gptkb:Russian_government |
| gptkbp:tactics | phishing; malware distribution; credential harvesting; watering hole; supply chain compromise |
| gptkbp:usesMalware | gptkb:ComRAT; Havex; Karagany; RATs (Remote Access Trojans) |
| gptkbp:bfsParent | gptkb:Russian_state-sponsored_hackers |
| gptkbp:bfsLayer | 7 |
| https://www.w3.org/2000/01/rdf-schema#label | Berserk Bear |