US gas companies under siege, DHS warns

Powered by SC Magazine
 

Sustained attack proving difficult to quell.

Natural gas pipelines in the United States have been under attack from a focused group of adversaries since Christmas, the  Department of Homeland Security (DHS) says.

The DHS Industrial Control Systems Cyber Emergency Response Team's (ICS-CERT)  warned in an alert that officials have received reports of successful intrusions into the networks of organisations affiliated with the natural gas pipeline industry.

"Analysis of the malware and artifacts associated with these cyber attacks has positively identified this activity as related to a single campaign," the alert said. "The campaign appears to have started in late December 2011 and is active today."

Attackers appear to be using social engineering to gain a network foothold, the CERT said, and had served spear phishing emails to select targets.

The agency did not identify the adversaries. It had tried to determine the breadth of the infection, and ways to detect and remove the malware.

"ICS-CERT has conducted a series of briefings across the country to share information related to the intrusion activity with asset owners [and] operators," it said. "ICS-CERT will continue to work with private sector and government partners to respond to this and other cyber threats."

The US had more than 210 natural gas systems covered by 300,000 miles of pipes, 2007 figures from the Department of Energy state.

Government and private-sector security experts have been warning for several years how susceptible critical infrastructure organisations are to cyber attacks, especially as control systems become increasingly connected to the public internet.

DHS spokesman Peter Boogaard told SCMagazine.com that ICS-CERT has collaborated with private companies in the oil-and-gas sector since March. 

"DHS is coordinating with the FBI and appropriate federal agencies, and ICS-CERT is working with affected organisations to prepare mitigation plans customised to their current network and security configurations to detect, mitigate and prevent such threats," he said.

This article originally appeared at scmagazineus.com

Copyright © SC Magazine, US edition


US gas companies under siege, DHS warns
 
 
 
Top Stories
Photos: iTnews Benchmark Awards countdown begins
Just a few days left until entries close for 2014.
 
Australian Govt to rethink cyber security strategy
Six-year old policy to be refreshed.
 
The failure of the antivirus industry
[Blog post] Insights from AVAR 2014.
 
 
Sign up to receive iTnews email bulletins
   FOLLOW US...
Latest Comments
Polls
Who do you trust most to protect your private data?







   |   View results
Your bank
  38%
 
Your insurance company
  3%
 
A technology company (Google, Facebook et al)
  8%
 
Your telco, ISP or utility
  7%
 
A retailer (Coles, Woolworths et al)
  2%
 
A Federal Government agency (ATO, Centrelink etc)
  20%
 
An Australian law enforcement agency (AFP, ASIO et al)
  15%
 
A State Government agency (Health dept, etc)
  5%
TOTAL VOTES: 1035

Vote