http://www.washingtonian.com/blogs/capitalcomment/local-news/cyber-attack-aimed-at-pipeline-companies-was-handled-washington-style.php By Shane Harris Washingtonian May 10, 2012 Here's the first thing you need to know about a reported "cyber attack" against natural gas pipeline operators that was revealed last week: It wasn't actually an attack--not on the pipelines anyway, which is how it has been portrayed in some news accounts. So far, there's no evidence that electronic intruders gained access to the systems that control gas pipelines, or that any of these lines were damaged. Rather, an as-yet-unidentified hacker or group of hackers was trying to get inside the corporate networks of the pipeline operators themselves. That's a serious breach, but it's not as serious as taking over a pipeline. Here's the second thing you need to know: This incident marks a new, heightened level of influence by Washington over security in the energy sector--and that influence will only get stronger as more incidents like this occur. Right now, Congress is debating cyber security legislation that would get the government more involved in managing corporate security breaches. In this latest case, federal security and law enforcement agencies were involved early on as pipeline operators discovered they might be the target of an espionage campaign. For much of the time, they successfully enforced a media and public information blackout of the events. While several companies were discovering they were targets, federal authorities investigated and watched the intruders, but they didn't immediately issue a broad alert warning all pipeline operators that they might be at risk. Authorities held classified briefings with affected companies across the country. The intrusion campaign is ongoing, and it's not yet clear how many companies may be involved. Here's how events unfolded, based on government accounts and interviews with people who are privy to details of the investigation. [...] _______________________________________________ LayerOne Security Conference May 26-27, Clarion Hotel, Anaheim, CA http://www.layerone.orgReceived on Fri May 11 2012 - 01:08:37 PDT
This archive was generated by hypermail 2.2.0 : Fri May 11 2012 - 01:14:46 PDT