US Gas Pipeline operators under attack
Contributed by: Email on 05/08/2012 02:37 PM
[
Comments
]
In a recent report from the Christian Science Monitor, natural gas pipeline operators are being targeted for cyber attacks. The Department of Homeland Security has issued at least three confidential warnings ( Amber alerts - the second highest alert level ) to natural gas suppliers since March. The reports give a detailed warning of the wave of attacks.
The attacks have been ongoing since December of last year. ICS-CERT, which specializes in industrial control system security, has apparently also issued a confidential warning. Specially crafted virus-infected emails are used to target specific company employees using what is said to be a spear-phishing technique.
One security specialist quoted in the story is said to have seen the warnings and stated that they contained more detail than any previous warnings, including file names and IP addresses, to help administrators determine whether their networks have been compromised. If an intrusion is noticed, the documents instruct the victim to not take any action against the attacker as long as the intrusion is not compromising normal day to day operations. The report does not address what alternatives are provided.
The warnings supposedly detail both attempted and successful attacks. It is yet not clear how many cases are involved or what effects, if any, the cyber attacks may have already had.
The attacks have been ongoing since December of last year. ICS-CERT, which specializes in industrial control system security, has apparently also issued a confidential warning. Specially crafted virus-infected emails are used to target specific company employees using what is said to be a spear-phishing technique.
One security specialist quoted in the story is said to have seen the warnings and stated that they contained more detail than any previous warnings, including file names and IP addresses, to help administrators determine whether their networks have been compromised. If an intrusion is noticed, the documents instruct the victim to not take any action against the attacker as long as the intrusion is not compromising normal day to day operations. The report does not address what alternatives are provided.
The warnings supposedly detail both attempted and successful attacks. It is yet not clear how many cases are involved or what effects, if any, the cyber attacks may have already had.
Comments
