The US Department of Homeland Security announced that gas pipelines have been targeted by hackers. This raised the fears over the safety of infrastructure.
The Industrial Control Systems Cyber Emergency Response Team (ICS-CERT) has recently highlighted a series of cyber attacks targeting natural gas pipeline sector corporations. They analyzed the malware related to the hacker attacks and discovered that it has identified the attacks as a part of a single campaign which is believed to be ongoing since last December.
Spear-phishing cyber attacks have targeted employees within companies, but some of the individuals targeted have been “tightly focused” apparently. The hackers conducted their attacks by sending emails which seemed to have been sent from a trusted member of the company they worked for.
ICS-CERT has already issued a warning to highlight the danger represented by cyber attacks on infrastructure. However, the information being made publicly available is very limited. The outfit claims that it’s currently “working aggressively” with targeted companies to fend off threats and to prevent re-infection. Meanwhile, they didn’t provide any source of motive of the intrusions.
Nowadays, cyber attacks on critical infrastructure are a growing concern, especially in the wake of the Stuxnet worm which threatened nuclear power stations in Iran. Indeed, a lot of power companies are actually open to attacks like spear phishing because of having low levels of security infrastructure in place. On the other hand, other corporations in the space have complex security solutions able to resist very determined attackers.
However, some of the industry observers believe that the seriousness in the cases might be overstated, and it isn’t only critical infrastructure on the receiving end of attacks, but attacks like Stuxnet will inevitably cause concern.
Last time in the United Stated, an incident originally labeled “a cyber attack on critical infrastructure from Russia” months later turned out to be an authorized action taken by a person on holiday in the US. Sometimes, correlating incidents taken against important companies, including viruses, spear phishing and hacker attacks, called “sophisticated hacker attacks” may appear a dangerous ploy, because these networks mostly have the same level of incidents and abuse as any other industry.
No comments:
Post a Comment