The Department of Homeland Security said it is investigating a string of cyber intrusions targeting companies that operate national gas pipelines in the U.S.
The DHS’s Industrial Control System Computer Emergency Readiness Team (ICS-CERT) disclosed in its April, 2012 newsletter that it is investigating attacks and attempted intrusions into what it describes as “multiple natural gas pipeline sector organizations.” The attacks suggest a common source and a single campaign dating to as early as December, 2011.
The attacks described in the newsletter are consistent with “advanced persistent threat” or APT-style attacks, which rely on sophisticated social engineering methods and phishing e-mails to gain access to key personnel within a target organization. In the case of the natural gas pipeline attacks, “the number of persons targeted appears to be tightly focused” and “the e-mails have been convincingly crafted to appear as though they were sent from a trusted member internal to the organization,” ICS-CERT warned.
ICS-CERT said it has issued an alert to organizations in the gas pipeline sector and to government agencies. It is also helping coordinate on-site analysis to determine the extent of infection and to assist with removal of any malware, and then harden networks to further attacks.
Attacks that target critical infrastructure providers have been in the spotlight since the appearance of the Stuxnet worm more than two years ago. In the last year, there have been repeated reports about attacks that target companies in the energy sector, including oil, natural gas and electricity generation and distribution. In a survey conducted by the Ponemon Institute in 2011, three of four energy firms reported data breaches of some sort in the prior 12 months. Cybersecurity legislation has been high on the agenda for policy-makers in Washington, D.C. this year. But much of that legislation has fallen victim to partisan wrangling over the degree to which cyber security should be mandated, or merely encouraged, and by provisions of some bills that privacy advocates worry will encroach on civil liberties.