The “Dragonfly” malware campaign that was detected this past spring might not have been targeting industrial control systems, as was first reported.

Instead, Joel Langill an industrial cyber security expert said the Dragonfly campaign was intended for espionage against pharmaceutical companies. In “Defending Against Dragonfly Cyber Security Attacks,” Langill, along with the support of Belden, an end-to-end transmission solutions provider, compared the affected victims to one another to determine their common characteristics.

As evidence that pharmaceutical companies were the main targets, Langill found that the three companies targeted by the malware were primarily offering products and services used by the pharmaceutical industry. Plus, the Dragonfly malware contains an Industrial Protocol Scanner that finds devices typically installed on systems used by consumer packaged goods industries, including pharmaceutical groups.