Homeland security cites sharp rise in cyber attacks
by Suzanne Kelly
The companies that control critical infrastructure in the United States are reporting higher numbers of attacks on their systems over the past three years, according to a report issued by the Department of Homeland Security.
The Industrial Control Systems Cyber Emergency Response Team (ICS-CERT) says the number of reported attacks is up and attackers have been targeting companies with access to the country's power grid, water filtration facilities and a nuclear facility.
According to the report, which was released last week, there were 198 incidents reported to DHS in 2011, up from nine incidents in 2009. Cyber emergency response teams went to the physical locations to investigate and further analyze the threats in 17 of the 198 cases in 2011.
The most common threat was a technique known as spear-phishing, which can corrupt a company's computer system by uploading malicious attachments and gaining access to sensitive information. Eleven of the 17 incidents to which the emergency response teams physically responded were attacks that had been launched by "sophisticated actors," the report said.
The reported incident against a nuclear facility, which the department did not specifically name, was found to be the result of a USB drive that an employee had used to download presentation materials onto a laptop. Those materials included malware that was then able to spread to 100 hosts on the network, according to Homeland Security.
The government has made a point of not identifying companies by name due to fear that such public exposure would deter other companies who are the victims of similar attacks from coming forward and sharing information about the threats.
The report also identified common trends that allowed attackers to penetrate systems. They included employees who were not properly aware of potential dangers and technical and process flaws that left their systems exposed to attack.
The Department of Homeland Security sees the rise in the number of reported events as a sign that businesses are trusting the government more when it comes to allowing federal investigators to access their systems.
"Incident response is an essential part of cybersecurity," DHS spokesman Peter Boogaard said Wednesday. "DHS has made a consistent effort to work with public and private sector partners to develop trusted relationships and help asset owners and operators establish policies and controls that prevent incidents. The number of incidents reported to DHS's ICS-CERT has increased partly due to this increased communication."
The sensitivity over the public-private partnership remains a hotly debated issue in Washington, as lawmakers try to come up with legislation that would require acceptable minimum security standards for companies that operate critical infrastructure systems. Republican-backed proposals have included making the exchange of information between private companies and the government voluntary. Other initiatives, including a bipartisan bill backed by Sens. Joe Lieberman, I-Connecticut, and Susan Collins, R-Maine, would require companies to prove to the government that minimum security standards are in place, and would make that information subject to a government audit.
@natlsecuritycnn on Twitter
I have removed this message
Yes cannot be!
Posted on Great post. I wanna go! Waaaaugh! and some of us may not remember the Mary Pat Gleason Incident, but I garuantee you, Mary Pat Gleason does.
I am just commenting to make you understand what a incredible experience my friend's princess developed reading your blog. She noticed several things, which include what it's like to possess an awesome giving nature to have folks without difficulty learn certain hard to do issues. You truly exceeded our expected results. Thanks for rendering those good, trusted, explanatory and as well as easy tips about your topic to Lizeth.
"Ignorance at the workplace related to cyber security", that's the first thing to do to avoid cyber attacks.
Definitely.. in my Security class we were expected to give mock presentations explaining prevention techniques and awareness of certain kinds of attacks at an End user level.
Doesn't matter how much you do to protect yourself if you don't teach employee's not to click on links..
I'm not worried about the attacks at all, just another day. So long you have a firewall other then Norton, then your good, and needless to say that we have the best hackers working for us, not homeland security. Also, hackers care about companies not home PC's, it would be useless and let alone that Pentagon gets hit with over 10,000 attackers daily. None are successful and the info that is held at the Pentagon is rather useless to any individual. So if they can't by pass the Pentagon, why would I freak out for the new attack, like the Y2K bug. Meh, overrated.
Yup i agree with your point!
If the Gov can regulate the physical integrity of these system via the EPA and whatnot (ie building codes and containment of reactors) I don't see it as a far reach for them regulate and set minimum standards of Electronic Safety via their computer systems. They'll just screw it up like everything else, but its a good idea anyway
Maybe if they develop goodwill, rather than corrupt corporations and Police states, people will stop attacking the websites.
Homeland Security.... ugh. I don't have the space here to write all of the things wrong with this government debacle.
Ha, ha, the FBI wants access to your computer. Don't fall for it, this whole things is a scam!
Tis the oldest trick in the book!Bully the guy till he gives you what he wants, I wouldnt be suprised if a
(u.s.) facility somewhere thats nowhere is acting out this scheme so they can have cyber access to all
of our economic infustructureWhile yes there are protected now they have the powers in place to do
there bidding.Beware the shadow!
http://michaelfury.wordpress.com/2010/09/10/ghosts-in-the-machine/
No mention of who the attackers were. No mention of who the attacked companies were.
Ridiculous. This sort of thing withers when dragged out into the sunlight, and thrives in darkness.
Also: how many – if any – of these breaches involved critical equipment? Computers are everywhere; just because some secretary's desktop that is used to surf the web all day and nothing more got infected doesn't really concern me. If a machine connected to cooling systems in a nuclear plant was affected, that concerns me. But we're left guessing.
Security theater.
Those thumbdrives are NASTY spreaders. People will learn eventually.
Meanwhile Iran is threatening to launch missle attacks on US bases – but I guess CNN missed that one off the wire????
"Iran claims during missile tests that it could hit US bases in the region and Israel, amid rising tensions over its suspect nuclear program"
.
O shut your fear mongering gob.
bow down and pray to ur new overlords america!
the chinese own u already
next they will infiltrate ur public networks and disable it all
learn chinese now!
that is ur only hope
Dream on you pathetic creep! Stay couped up in your cave so nobody has to look at your repugnant face.
someone in china charged a server to my spouses credit card. messed him up for a few days. credit card company figured out right away that it wasn't him. that was good. now he's scared to use his card.
He should be. Tell him to report the card stolen and have the bank issue another one with a different number.
As was mentioned by no idea in the first post, no critical infrastructure should be connected to a public network. Also, all employees should have to undergo searches before entering critical control areas so they do not bring USB drives, Media players or other devices that can be connected to a secured computer.
Add to that measures to disable "trusted" access to a computer such as USB ports,firewire or other bidirectional communications ports so that devices connected to them do not automatically get recognized and connected to a system without a 2 or 3 factor authentication system. There are literally 1000s of ways to keep people out of critical infrastructure and most of it wont cost a dime to implement.
Why is there no mention of who the attackers are? Is CNN afraid to upset our Chinese benefactors?
So they won't know we are on to them. This is not "reality" TV where all the deepest darkest secrets are revealed. Get a clue, not all information needs to be made public. Loose lips sink ships.
why do you think hackers are only from china? are Chinese people the only one's who know how to operate a computer?
Fallout the video games are happening! Time to defend Alaska! In all honesty this has been going on since the cold war, nothing too shocking....if anything I'm surprised the number is so low.
When these systems are controlled by people, they will always be vulnerable. Why critical systems have Internet access or the ability to allow potentially comprimised drives acces via usb is beyond comprehension.
how about not hooking "critical infrastructure" up to an internet then what did our ancestors do before the internet?
Thats like placing a can of gas near a bonfire then complaining cos the can of gas exploded and caught your yard on fire. Its a self created problem.
Not everything needs to be hooked up online wi fi bluetooth ready to be effective
I'm sure you guys are the first to think of that.
The entire world is under threat of being attacked. CNN can suck my dick
Insightful
I learned a lot from this post. Mason must be a PhD or something!
Isn't there supposed to be a "report abuse" option on here?
Yeah. And why wasn't it screened out for curse words, and blocked, like they always do my posts?!?!?
Where is the curse word(s). None of the words he used are considered curse words the phrase maybe but not the words. But there should be a moderator or like deanmyrick said a report abuse in case CNN doesn't want to hire moderators for each story and blog posted.
humans being humans