Statements (48)
| Predicate | Object |
|---|---|
| gptkbp:instanceOf |
cybercrime
|
| gptkbp:activeYearsStart |
2010s
|
| gptkbp:alsoKnownAs |
gptkb:Energetic_Bear
gptkb:Dragonfly Crouching Yeti |
| gptkbp:attributedTo |
gptkb:US_Department_of_Homeland_Security
gptkb:FBI private cybersecurity firms |
| gptkbp:countryOfOrigin |
gptkb:Russia
|
| gptkbp:enemyOf |
cybercrime
supply chain attack watering hole attack |
| https://www.w3.org/2000/01/rdf-schema#label |
Berserk Bear
|
| gptkbp:industry |
gptkb:energy
critical infrastructure industrial control systems |
| gptkbp:motive |
gptkb:intelligence_gathering
espionage |
| gptkbp:notableBattle |
attacks on US and European energy companies
|
| gptkbp:notableFor |
2014
2017 2020 |
| gptkbp:notableOperation |
Dragonfly 2.0
attacks on European energy sector attacks on US critical infrastructure |
| gptkbp:notableTool |
custom malware
remote access trojans Havex credential stealers |
| gptkbp:notableVictim |
gptkb:government_agency
European energy companies German utilities US energy companies |
| gptkbp:relatedTo |
gptkb:Sandworm_Team
gptkb:APT28 other Russian APT groups |
| gptkbp:suspect |
gptkb:Russian_government
|
| gptkbp:tactics |
phishing
malware distribution credential harvesting watering hole supply chain compromise |
| gptkbp:usesMalware |
gptkb:ComRAT
Havex Karagany RATs (Remote Access Trojans) |
| gptkbp:bfsParent |
gptkb:Russian_state-sponsored_hackers
|
| gptkbp:bfsLayer |
7
|