[ISN] Report: DHS Requested Gas Pipeline Companies to Let Attackers Lurk Inside Networks

From: InfoSec News <alerts_at_private>
Date: Tue, 8 May 2012 04:19:54 -0500 (CDT)
https://www.securityweek.com/report-dhs-requested-gas-pipeline-companies-let-attackers-lurk-inside-networks

By Steve Ragan
SecurityWeek.com
May 07, 2012

According to reports, which were confirmed Friday by ICS-CERT, an active 
Phishing campaign is responsible for the U.S. Department of Homeland 
Security (DHS) issuing three warnings since the end of March that the 
natural gas industry has been under ongoing cyber attack. However, it’s 
the advice that the DHS is giving that should raise some red flags.

The specter of a cyber attack against critical infrastructure is a 
reality, but not because the DHS is guarding the Internet, but because 
the networks running the critical infrastructure are so poorly 
protected. It’s gotten to the point that simple Phishing attacks, things 
that proper email protection and awareness training cover, rate three 
separate warnings and alerts.

“Various sources provided information to ICS-CERT describing targeted 
attempts and intrusions into multiple natural gas pipeline sector 
organizations. Analysis of the malware and artifacts associated with 
these cyber attacks has positively identified this activity as related 
to a single campaign. The campaign appears to have started in late 
December 2011 and is active today,” the CERT alert advised.

As reported by the DHS though the Transportation Security 
Administration’s Office of Intelligence, the U.S. pipeline system is 
comprised of 161,189 miles of liquid pipelines with more than 200 
operators; 309,503 miles of natural gas transmission pipelines with more 
than 700 operators; and 1.9 million miles of natural gas distribution 
pipelines with more than 1,300 operators.

[...]


_______________________________________________
LayerOne Security Conference
May 26-27, Clarion Hotel, Anaheim, CA
http://www.layerone.org
Received on Tue May 08 2012 - 02:19:54 PDT

This archive was generated by hypermail 2.2.0 : Tue May 08 2012 - 02:17:38 PDT