Hydrocarbon Processing Copying and distributing are prohibited without permission of the publisher
Email a friend
  • Please enter a maximum of 5 recipients. Use ; to separate more than one email address.



Cyber campaign against gas pipelines

06.01.2012  |  Thinnes, Billy,  Hydrocarbon Processing Staff, Houston, TX

Keywords: [cybersecurity] [terrorists] [viruses] [cyberwarfare] [industrial espionage] [natural gas] [pipelines] [Homeland Security] [ICS-CERT]

In March, US Homeland Security’s Industrial Control Systems Cyber Emergency Response Team (ICS-CERT) identified an active series of cyber intrusions targeting natural gas pipeline sector companies. Various sources provided information to ICS-CERT describing targeted attempts and intrusions into multiple natural gas pipeline sector organizations.

Analysis of the malware and artifacts associated with these cyber attacks has positively identified this activity as related to a single campaign with spear-phishing activity dating back to as early as December 2011. Analysis shows that the spear-phishing attempts have targeted a variety of personnel within these organizations; however, the number of persons targeted appears to be tightly focused. In addition, the e-mails have been convincingly crafted to appear as though they were sent from a trusted member internal to the organization.

ICS-CERT is currently engaged with multiple organizations to provide remote and onsite analytic assistance to confirm the compromise, extent of infection and assist in removing it from networks. ICS-CERT does not recommend enabling the intrusion activity to persist within networks, and it has been working aggressively with affected organizations to prepare mitigation plans customized to their current network security configurations to remove the threat and harden networks from reinfection.

In addition, ICS-CERT recently conducted a series of briefings across the country to share information related to the intrusion activity with oil and natural gas pipeline companies. These briefings provided additional context of the intrusions and mitigations for detecting and removing the activity from networks.

ICS-CERT continues to recommend Defense-in-Depth practices and educating users about social engineering and spear-phishing attacks. Organizations are also encouraged to review ICS-CERT’s “Incident Handling” brochure for tips on preparing for and responding toan incident. Asset owners/operators who would like access to the portal or to the alerts can contact ICS-CERT at ics-cert@dhs.govHP



Have your say
  • All comments are subject to editorial review.
    All fields are compulsory.

Bernard
06.06.2012

Truth or self-serving story??? Hard to distinguish these days.

Related articles

FEATURED EVENT


Sign-up for the Free Daily HP Enewsletter!

Boxscore Database

A searchable database of project activity in the global hydrocarbon processing industry

Poll

Should the US allow exports of crude oil? (At present, US companies can export refined products derived from crude but not the raw crude itself.)


65%

35%




View previous results

Popular Searches

Please read our Term and Conditions and Privacy Policy before using the site. All material subject to strictly enforced copyright laws.
© 2014 Hydrocarbon Processing. © 2014 Gulf Publishing Company.