by Suzanne Kelly
A series of natural gas pipeline sector companies are being targeted by a cyber attack that appears to have been launched in December, according to a notice from the Department of Homeland Security.
The threat was disclosed in a monthly note published by the Industrial Control Systems Cyber Emergency Response Team (ICS-CERT), a DHS division devoted to cybersecurity.
"DHS’s Industrial Control Systems Cyber Emergency Response Team has been working since March 2012 with critical infrastructure owners and operators in the oil and natural gas sector to address a series of cyber intrusions targeting natural gas pipeline companies," said DHS spokesman Peter Boogaard.
“The cyber intrusion involves sophisticated spear-phishing activities targeting personnel within the private companies," Boogaard said.
According to the ICS-CERT memo, "Analysis shows that the spear-phishing attempts have targeted a variety of personnel within these organizations; however, the number of persons targeted appears to be tightly focused. In addition, the emails have been convincingly crafted to appear as though they were sent from a trusted member internal to the organization."
Spear-phishing attacks are efforts to get employees to click on e-mail attachments.
Some attackers have become so sophisticated in their efforts that they research known employees on Internet social sites and then craft an e-mail that appears to come from someone who is known to the intended target.
Once the target clicks on the e-mail, malicious material can easily be uploaded, or systems monitored, often without the person ever knowing about it.
In this case, government investigators have been able to identify the nature of the attacks, but not necessarily the exact size or scope yet.
"DHS is coordinating with the FBI and appropriate federal agencies, and ICS-CERT is working with affected organizations to prepare mitigation plans customized to their current network and security configurations to detect, mitigate and prevent such threats," Boogaard said.
The cyber attack appears to have been reported by the private sector companies that would have had access to the information, namely, those under attack.
The self reporting of such attacks has been at the heart of cyber legislation debates on the Hill as lawmakers struggle to find more effective ways to convince private sector companies to not only report, but then to allow the government access to its databases so that it can better understand the source and intention of the attacker or attackers.
In this case, according to the memo, ICS-CERT has not only been able to analyze the data, but it has also gained a prime position from which to monitor the malicious activity - something that generally leads investigators back to not only the source of the attack, but can also allow them to glean clues about the intention and sophistication of the attacker.
Sometimes in cyberspace, it’s what you don’t know that creates the most anxiety. ICS-CERT hasn’t yet said whether it knows what the cyber attackers were hoping to do.
© 2012 Cable News Network. Turner Broadcasting System, Inc. All Rights Reserved.
| Advertise with us | About us | Help | Advertising Practices
I think the interesting aspect of the story is how the basis for the attack is e-mails that look like they come from co-workers and may very well include relevant personal details.
Generally speaking I sure hope that people aren’t blindly opening attachments just because an e-mail appears to come from someone they know. Everyone does realize that it is possible to fake an e-mail’s from address, right?
Read the rest here:http://jacksonshaw.blogspot.com/
The Department of Homeland Security should change their name to the Department of Homemade Paranoia...
All they do is take small issues and blow them waaay out of proportion and scare the crap out of Americans.
Reading the other comments on here, you can see that everyone seems to believe that it's some sort of Terrorist Attack or a giant Conspiracy.
I've worked in the Control System industry for years and this is nothing new...yet now, it seems to be a 'Terrorist Attack'.
Cyber Security is a business...don't confuse it with your Safety. ICS-CERT posts a report and the companies then need to spend millions of dollars updating their systems.
Most of you seem to believe attacks like this originate in the USA or somewhere else where justice could be dealt out. There are more than one of the less friendly nations that have university level schools teaching their "students" how to do these (and worse) attacks. They've been going on for at least ten years. I would suggest you get a copy of Clarke's book "Cyber War" and read it. If you still aren't concerned after reading it, go back to sleep!
Someone's hiding something.As Usual.Cyber Attacks are serious,Very serious.If they don't want answers..Then they are hiding something.
What took you so long hackers? Bout time. Lower it to $2.
Probably a disgruntled employee...
Probably not. These are simply Anti-American terrorists with deluded images of self importance.
Being anti-American doesn't necessarily make one delusional.
wii don ned ner cumputrs. da dam demokrats invunted da cumputr ser terorizst kin atak dem. da dam demokrats unly wunt 2 raz taxiz n tayk awey r gunz n stuf. wii don ned taxiz fer skools neder. pepl kin bii hom skoold lyk mii. mi dady n his siztr (mi mum) teeched mii. i ned 2 git awey frum dis cumputr b4 da demokrats atak mii. ger republikins!!!!!!!!!!
You are obviously a product of a democrat controlled public school system.
i m a republikin lyk u. doz demokrat skools r a wast uv muny. iv uz republikins cud hav r wey wii cud hav evry 1 hom skoold lyk mii. mi dady n hiz sistr (mi mum) r rely gud teechrs. ger republikins!!!!!!!!!!!!!
http://michaelfury.wordpress.com/2009/05/11/the-gas-must-flow/
No doubt the work of home grown leftist rebel Eco-terrorist from ELF, Green Peace or the Sierra Club.
Dang those leftist eco-terrorists, doing their best to keep greedy men from blatant rape and pillage of the earths natural resources. How dare they!
If found and convicted they should be hung from the very trees they hug until the wind whistles through their bones.
I don't believe it would be an Eco-terrorist group. They would have no desire to do anything of this sorts. If you want a better understanding on why protections should be provided to private industry you should read the book Cyber War. Critical infrastructure disruption isn't about making big corporations lose money, its about impacting America as a whole.
than. than. stoped. lense. ATTACKS IS(?). RECIEVES. SENTANCES. Hoo-boy!
C
Everyone makes a typo and you can't edit your comments. That's why spelling police aren't too common here. Everyone understands the meaning of the post.
Our energy supply is directly tied to national security. Once we identify the source(s) of this incursion, swift punishment should follow.
YES & NO , WHERE & WHEN DOES A HACKER BECOME A TERRORIST , well if all traffic lights at an intersection were to become GREEN AT THE SAME TIME , and if that could be repeated by a hacker , than that hacker is a terrorist because the end result ends in terror , anything to do with our nation security on any level is to be defended , and if it is attacked by parties of no nation or military than they are terrorist.
SO since oil and natural gas piplines are part of our national security , screwing with these on any level must be seen for what it is . we have all seen the results of natural gas events on TV and they are not pretty. and oil spills also are a disaster , and the supply is stoped when things like this occur , so I say if idiots are going to play with our bridges like the five idiots last week , and we see them as terrorist , well we must see through the same lense and ID idiots that play with our oil and natural gas on any level as terrorist . HANDS OFF & CYBER ATTACKS IS STILL AN ATTACK !
ITS TIME THAT THESE IDIOTS RECIEVE LIFE SENTANCES FOR SCREWING WITH OUR ENERGY RESOURCES
Like the boys at BP?