What happens? They steal data mostly. Data worth money or to give them a strategic advantage.
Or they can choose to damage the systems. It happens every single day.
Here is a quote from an article published November 4, 2014;
“In the report, researchers point out varying versions of BlackEnergy – BE2 and BE3 – in attacks, but Baumgartner said that BlackEnergy3 “seems to have been a delivery vehicle for BlackEnergy2 at a victim site.”
Included in the report were indicators of compromise (IOCs) for BE2 and BE3, along with attack methods Sandworm Team used to target four unnamed victim organizations.”
http://www.scmagazine.com/experts-share-new-insight-on-sandworm-apt-exploits-blackenergy-malware/article/381378/2/
Four victims, how about that. A little different than what the ABC article implies.
http://www.isightpartners.com/2014/10/cve-2014-4114/
That is another good article on Sandworm and who they targeted. Again it paints a picture completely different than the one in the article this thread links. Specifically different than this allegation; “A destructive “Trojan Horse” malware program has penetrated the software that runs much of the nation’s critical infrastructure and is poised to cause an economic catastrophe, according to the Department of Homeland Security.” That statement seems to be a bunch of crap.
Here is another article about sandworm targeting SCADA apparently sandworm hasn’t been sucessful at penetrating a SCADA system to date. They were “spear-phishing” a weponized powerpoint document. The Microsoft vulnerabilty the weponized powerpoint used has been patched;
http://www.isightpartners.com/2014/10/sandworm-team-targeting-scada-systems/