July 4th, 2012
04:11 PM ET

Homeland security cites sharp rise in cyber attacks

by Suzanne Kelly

The companies that control critical infrastructure in the United States are reporting higher numbers of attacks on their systems over the past three years, according to a report issued by the Department of Homeland Security.

The Industrial Control Systems Cyber Emergency Response Team (ICS-CERT) says the number of reported attacks is up and attackers have been targeting companies with access to the country's power grid, water filtration facilities and a nuclear facility.

According to the report, which was released last week, there were 198 incidents reported to DHS in 2011, up from nine incidents in 2009. Cyber emergency response teams went to the physical locations to investigate and further analyze the threats in 17 of the 198 cases in 2011.

The most common threat was a technique known as spear-phishing, which can corrupt a company's computer system by uploading malicious attachments and gaining access to sensitive information. Eleven of the 17 incidents to which the emergency response teams physically responded were attacks that had been launched by "sophisticated actors," the report said.

The reported incident against a nuclear facility, which the department did not specifically name, was found to be the result of a USB drive that an employee had used to download presentation materials onto a laptop. Those materials included malware that was then able to spread to 100 hosts on the network, according to Homeland Security.

The government has made a point of not identifying companies by name due to fear that such public exposure would deter other companies who are the victims of similar attacks from coming forward and sharing information about the threats.

The report also identified common trends that allowed attackers to penetrate systems. They included employees who were not properly aware of potential dangers and technical and process flaws that left their systems exposed to attack.

The Department of Homeland Security sees the rise in the number of reported events as a sign that businesses are trusting the government more when it comes to allowing federal investigators to access their systems.

"Incident response is an essential part of cybersecurity," DHS spokesman Peter Boogaard said Wednesday. "DHS has made a consistent effort to work with public and private sector partners to develop trusted relationships and help asset owners and operators establish policies and controls that prevent incidents. The number of incidents reported to DHS's ICS-CERT has increased partly due to this increased communication."

The sensitivity over the public-private partnership remains a hotly debated issue in Washington, as lawmakers try to come up with legislation that would require acceptable minimum security standards for companies that operate critical infrastructure systems. Republican-backed proposals have included making the exchange of information between private companies and the government voluntary. Other initiatives, including a bipartisan bill backed by Sens. Joe Lieberman, I-Connecticut, and Susan Collins, R-Maine, would require companies to prove to the government that minimum security standards are in place, and would make that information subject to a government audit.


Filed under: Cybersecurity • Homeland Security • Nuclear • Spying
soundoff (46 Responses)
  1. icons design

    I have removed this message

    November 5, 2012 at 11:07 am | Reply
  2. icons design

    Yes cannot be!

    November 4, 2012 at 8:43 am | Reply
  3. Ade

    Posted on Great post. I wanna go! Waaaaugh! and some of us may not remember the Mary Pat Gleason Incident, but I garuantee you, Mary Pat Gleason does.

    August 3, 2012 at 12:05 am | Reply
  4. ac repair mesa az

    I am just commenting to make you understand what a incredible experience my friend's princess developed reading your blog. She noticed several things, which include what it's like to possess an awesome giving nature to have folks without difficulty learn certain hard to do issues. You truly exceeded our expected results. Thanks for rendering those good, trusted, explanatory and as well as easy tips about your topic to Lizeth.

    July 13, 2012 at 12:14 am | Reply
  5. Charly Brains

    "Ignorance at the workplace related to cyber security", that's the first thing to do to avoid cyber attacks.

    July 6, 2012 at 2:23 am | Reply
    • Michigander5

      Definitely.. in my Security class we were expected to give mock presentations explaining prevention techniques and awareness of certain kinds of attacks at an End user level.

      Doesn't matter how much you do to protect yourself if you don't teach employee's not to click on links..

      July 6, 2012 at 7:35 am | Reply
  6. Angel

    I'm not worried about the attacks at all, just another day. So long you have a firewall other then Norton, then your good, and needless to say that we have the best hackers working for us, not homeland security. Also, hackers care about companies not home PC's, it would be useless and let alone that Pentagon gets hit with over 10,000 attackers daily. None are successful and the info that is held at the Pentagon is rather useless to any individual. So if they can't by pass the Pentagon, why would I freak out for the new attack, like the Y2K bug. Meh, overrated.

    July 5, 2012 at 5:48 pm | Reply
    • Eric

      Yup i agree with your point!

      July 6, 2012 at 2:56 am | Reply
  7. GhostCoyote

    If the Gov can regulate the physical integrity of these system via the EPA and whatnot (ie building codes and containment of reactors) I don't see it as a far reach for them regulate and set minimum standards of Electronic Safety via their computer systems. They'll just screw it up like everything else, but its a good idea anyway

    July 5, 2012 at 5:02 pm | Reply
  8. some guy

    Maybe if they develop goodwill, rather than corrupt corporations and Police states, people will stop attacking the websites.

    July 5, 2012 at 4:13 pm | Reply
  9. Solo

    Homeland Security.... ugh. I don't have the space here to write all of the things wrong with this government debacle.

    July 5, 2012 at 3:30 pm | Reply
  10. Ben

    Ha, ha, the FBI wants access to your computer. Don't fall for it, this whole things is a scam!

    July 5, 2012 at 2:01 pm | Reply
  11. krolus

    Tis the oldest trick in the book!Bully the guy till he gives you what he wants, I wouldnt be suprised if a
    (u.s.) facility somewhere thats nowhere is acting out this scheme so they can have cyber access to all
    of our economic infustructureWhile yes there are protected now they have the powers in place to do
    there bidding.Beware the shadow!

    July 5, 2012 at 10:48 am | Reply
  12. michaelfury

    http://michaelfury.wordpress.com/2010/09/10/ghosts-in-the-machine/

    July 5, 2012 at 7:30 am | Reply
  13. SixDegrees

    No mention of who the attackers were. No mention of who the attacked companies were.

    Ridiculous. This sort of thing withers when dragged out into the sunlight, and thrives in darkness.

    Also: how many – if any – of these breaches involved critical equipment? Computers are everywhere; just because some secretary's desktop that is used to surf the web all day and nothing more got infected doesn't really concern me. If a machine connected to cooling systems in a nuclear plant was affected, that concerns me. But we're left guessing.

    Security theater.

    July 5, 2012 at 3:41 am | Reply
  14. Kilgore Trout

    Those thumbdrives are NASTY spreaders. People will learn eventually.

    July 5, 2012 at 3:24 am | Reply
  15. Anna

    Meanwhile Iran is threatening to launch missle attacks on US bases – but I guess CNN missed that one off the wire????

    "Iran claims during missile tests that it could hit US bases in the region and Israel, amid rising tensions over its suspect nuclear program"
    .

    July 5, 2012 at 2:30 am | Reply
    • Cyrus

      O shut your fear mongering gob.

      July 5, 2012 at 11:59 pm | Reply
  16. jezabel

    bow down and pray to ur new overlords america!
    the chinese own u already
    next they will infiltrate ur public networks and disable it all
    learn chinese now!
    that is ur only hope

    July 5, 2012 at 2:22 am | Reply
    • Vito

      Dream on you pathetic creep! Stay couped up in your cave so nobody has to look at your repugnant face.

      July 5, 2012 at 2:59 am | Reply
  17. fraud happens

    someone in china charged a server to my spouses credit card. messed him up for a few days. credit card company figured out right away that it wasn't him. that was good. now he's scared to use his card.

    July 5, 2012 at 12:25 am | Reply
    • rick1948

      He should be. Tell him to report the card stolen and have the bank issue another one with a different number.

      July 5, 2012 at 1:29 am | Reply
  18. Ixion

    As was mentioned by no idea in the first post, no critical infrastructure should be connected to a public network. Also, all employees should have to undergo searches before entering critical control areas so they do not bring USB drives, Media players or other devices that can be connected to a secured computer.

    Add to that measures to disable "trusted" access to a computer such as USB ports,firewire or other bidirectional communications ports so that devices connected to them do not automatically get recognized and connected to a system without a 2 or 3 factor authentication system. There are literally 1000s of ways to keep people out of critical infrastructure and most of it wont cost a dime to implement.

    July 5, 2012 at 12:00 am | Reply
  19. deanmyrick

    Why is there no mention of who the attackers are? Is CNN afraid to upset our Chinese benefactors?

    July 4, 2012 at 11:59 pm | Reply
    • Michael Davis

      So they won't know we are on to them. This is not "reality" TV where all the deepest darkest secrets are revealed. Get a clue, not all information needs to be made public. Loose lips sink ships.

      July 5, 2012 at 12:10 am | Reply
    • Joe

      why do you think hackers are only from china? are Chinese people the only one's who know how to operate a computer?

      July 5, 2012 at 12:49 am | Reply
    • kalo

      Fallout the video games are happening! Time to defend Alaska! In all honesty this has been going on since the cold war, nothing too shocking....if anything I'm surprised the number is so low.

      July 5, 2012 at 1:19 am | Reply
  20. Lefty Cappuccino

    When these systems are controlled by people, they will always be vulnerable. Why critical systems have Internet access or the ability to allow potentially comprimised drives acces via usb is beyond comprehension.

    July 4, 2012 at 11:54 pm | Reply
  21. an idea

    how about not hooking "critical infrastructure" up to an internet then what did our ancestors do before the internet?

    Thats like placing a can of gas near a bonfire then complaining cos the can of gas exploded and caught your yard on fire. Its a self created problem.

    Not everything needs to be hooked up online wi fi bluetooth ready to be effective

    July 4, 2012 at 11:34 pm | Reply
    • duh

      I'm sure you guys are the first to think of that.

      July 5, 2012 at 1:56 am | Reply
  22. Mason

    The entire world is under threat of being attacked. CNN can suck my dick

    July 4, 2012 at 11:09 pm | Reply
    • Wocca Wocca

      Insightful

      July 4, 2012 at 11:14 pm | Reply
    • Welcome to Reality

      I learned a lot from this post. Mason must be a PhD or something!

      July 4, 2012 at 11:44 pm | Reply
    • deanmyrick

      Isn't there supposed to be a "report abuse" option on here?

      July 4, 2012 at 11:57 pm | Reply
      • Maglets

        Yeah. And why wasn't it screened out for curse words, and blocked, like they always do my posts?!?!?

        July 5, 2012 at 2:03 am |
      • Michael Davis

        Where is the curse word(s). None of the words he used are considered curse words the phrase maybe but not the words. But there should be a moderator or like deanmyrick said a report abuse in case CNN doesn't want to hire moderators for each story and blog posted.

        July 5, 2012 at 2:57 am |
  23. gspot

    humans being humans

    July 4, 2012 at 10:59 pm | Reply

Post a comment


 

CNN welcomes a lively and courteous discussion as long as you follow the Rules of Conduct set forth in our Terms of Service. Comments are not pre-screened before they post. You agree that anything you post may be used, along with your name and profile picture, in accordance with our Privacy Policy and the license you have granted pursuant to our Terms of Service.