Selasa, 08 Mei 2012

U.S. warns of cyberattacks on gas pipeline companies


U.S. gas pipeline operators have been targeted in sophisticated phishing attacks since at least December, with the Department of Homeland Security helping firms deal with the incidents since March, the DHS and an industry expert said.

"DHS's Industrial Control Systems Cyber Emergency Response Team has been working since March 2012 with critical infrastructure owners and operators in the oil and natural gas sector to address a series of cyber intrusions targeting natural gas pipeline companies," DHS spokesman Peter Boogaard said in an e-mail sent to CNET today.

"The cyber intrusion involves sophisticated spear-phishing activities targeting personnel within the private companies. DHS is coordinating with the FBI and appropriate federal agencies, and ICS-CERT is working with affected organizations to prepare mitigation plans customized to their current network and security configurations to detect, mitigate and prevent such threats."

The agency has been meeting with companies in private about the matter and late last week issued the first public advisory, which was first reported on by The Christian Science Monitor. It's unclear who is behind the attacks and whether they have led to pilfering of data or other negative consequences. Boogaard did not respond to follow up questions seeking more information.

"Most natural gas pipeline infrastructure in the U.S. is experiencing this type of attack," said Jesse Hurley, chairman of the critical infrastructure committee at the North American Energy Standards Board and CEO of Shift Systems, which operates the public key infrastructure for the wholesale electric grid in the U.S. "It's unprecedented. The DHS is saying leave the malware in place -- unless you think it's going to take down the network -- so we can see what it does. It's a critical issue for a lot of people. DHS is asking the entire industry to act as an intelligence source." MORE

Tidak ada komentar:

Posting Komentar