Eastern European-based attackers gained access to the networks of energy providers by tampering with software updates for industrial control systems, gaining a foothold that could be used for sabotage, Symantec said Monday. The Dragonfly group, which appears to operate from Eastern Europe, compromised three ICS vendors, adding a piece of remote access malware to legitimate software updates, the security vendor wrote in a blog post Monday.