ANARCHY DAY 9: DHS Says Hackers Mounting Organized Cyber Attack on U.S. Gas Pipelines

Posted: May 9, 2012 in Anarchists & Communists

By  (@JasonRyanABC)

May 8, 2012

 

For the past six months, an unidentified group of hackers has been mounting an ongoing, coordinated cyber attack on the control systems of U.S. gas pipelines, prompting the Department of Homeland Security to issue alerts.

According to U.S. officials, it’s unclear if a foreign power is trying to map the gas systems or if hackers are attempting to harm the pipelines. A previous attack on the oil and gas sector seemed to originate in China.

The hackers are using a technique called “spear-phishing,” according to the DHS, in hopes of stealing passwords and gaining access to the pipelines’ control systems. Spear-phishers send targeted emails to specific individuals that seem to come from friends or associates, and when opened, attachments or links in the emails release malware into the victim’s computer

“Various sources provided information to the Industrial Control Systems Cyber Emergency Response Team,” stated the DHS in a recent newsletter, “describing targeted attempts and intrusions into multiple natural gas pipeline sector organizations. Analysis of the malware and artifacts associated with these cyber attacks has positively identified this activity as related to a single campaign with spear-phishing activity dating back to as early as December 2011.”

PHOTO: Gas pipeline control room
Daniel Acker/Bloomberg via Getty Images
A gas controller talks to a compression… View Full Size
PHOTO: Gas pipeline control room

Daniel Acker/Bloomberg via Getty Images
A gas controller talks to a compression station operator while managing a 3,700 mile natural gas pipeline network at the control room of the Williston Interstate Pipeline Co. gas control center in Bismarck, N.D., in this Feb. 10, 2012 photo.

According to the DHS, the spear-phishers, who were first detected in March, have targeted a small, select group of employees at U.S. gas companies.

DHS officials and a spokesman have acknowledged they are working with the FBI to find out who may be behind the intrusions and malicious emails.

“The cyber intrusion involves sophisticated spear-phishing activities targeting personnel within the private companies,” DHS spokesman Peter Boogaard said in a statement. “DHS is coordinating with the FBI and appropriate federal agencies, and DHS’s Industrial Control Systems Cyber Emergency Response Team (ICS-CERT) is working with affected organizations to prepare mitigation plans customized to their current network and security configurations to detect, mitigate and prevent such threats.”

Boogaard said ICS-CERT has been working with “critical infrastructure owners” in the oil and gas industry since March 2012 to combat the cyber attacks. According to Homeland Security officials, in recent weeks ICS-CERT has held several classified briefings with oil and gas sector companies and organizations to share information about the intrusions.

The oil and gas sector has been targeted before. In February 2011 the computer security firm McAfee discovered a computer intrusion labeled “Night Dragon” that was traced to China. As part of that attack, individuals tried to obtain sensitive data and financial documents from the oil and gas companies about bids and future drilling exploration projects.

The FBI declined to comment on the case when contacted by ABC News.

http://abcnews.go.com/Blotter/dhs-hackers-mounting-organized-cyber-attack-us-gas/story?id=16304818

Advertisements

Leave a Reply

Fill in your details below or click an icon to log in:

WordPress.com Logo

You are commenting using your WordPress.com account. Log Out / Change )

Twitter picture

You are commenting using your Twitter account. Log Out / Change )

Facebook photo

You are commenting using your Facebook account. Log Out / Change )

Google+ photo

You are commenting using your Google+ account. Log Out / Change )

Connecting to %s