You are here:    Home > Archive > June 2012 > Cyber campaign against gas pipelines
Hydrocarbon Processing Copying and distributing are prohibited without permission of the publisher

Cyber campaign against gas pipelines

06.01.2012  |  Thinnes, Billy,  Hydrocarbon Processing Staff, Houston, TX

Keywords: [cybersecurity] [terrorists] [viruses] [cyberwarfare] [industrial espionage] [natural gas] [pipelines] [Homeland Security] [ICS-CERT]

In March, US Homeland Security’s Industrial Control Systems Cyber Emergency Response Team (ICS-CERT) identified an active series of cyber intrusions targeting natural gas pipeline sector companies. Various sources provided information to ICS-CERT describing targeted attempts and intrusions into multiple natural gas pipeline sector organizations.

Analysis of the malware and artifacts associated with these cyber attacks has positively identified this activity as related to a single campaign with spear-phishing activity dating back to as early as December 2011. Analysis shows that the spear-phishing attempts have targeted a variety of personnel within these organizations; however, the number of persons targeted appears to be tightly focused. In addition, the e-mails have been convincingly crafted to appear as though they were sent from a trusted member internal to the organization.

ICS-CERT is currently engaged with multiple organizations to provide remote and onsite analytic assistance to confirm the compromise, extent of infection and assist in removing it from networks. ICS-CERT does not recommend enabling the intrusion activity to persist within networks, and it has been working aggressively with affected organizations to prepare mitigation plans customized to their current network security configurations to remove the threat and harden networks from reinfection.

In addition, ICS-CERT recently conducted a series of briefings across the country to share information related to the intrusion activity with oil and natural gas pipeline companies. These briefings provided additional context of the intrusions and mitigations for detecting and removing the activity from networks.

ICS-CERT continues to recommend Defense-in-Depth practices and educating users about social engineering and spear-phishing attacks. Organizations are also encouraged to review ICS-CERT’s “Incident Handling” brochure for tips on preparing for and responding toan incident. Asset owners/operators who would like access to the portal or to the alerts can contact ICS-CERT at ics-cert@dhs.govHP


Have your say

  • All comments are subject to editorial review.
    All fields are compulsory.

Bernard
06.06.2012

Truth or self-serving story??? Hard to distinguish these days.

Related articles

  1. US approves Freeport LNG export application
  2. Carbon capture technology becoming cost effective
  3. UOP to provide technology for Ascend on-purpose propylene project in Texas
  4. Shell declares force majeure on natural gas supplies to Nigeria LNG
  5. SOCAR awards engineering contracts to construct largest Turkey refinery

FEATURED EVENT

Boxscore Database

A searchable database of project activity in the global hydrocarbon processing industry

Poll

Compared to the rest of the world, how long will the US hold its "ethane advantage" of cheap petrochemical feedstock?


29%

52%

19%




View previous results

Popular Searches

ethylene | maintenance | peru | polypropylene | propylene | quality assurance | refining | software | steam methane reformer | valves

Follow us on Twitter

Please read our Term and Conditions and Privacy Policy before using the site. All material subject to strictly enforced copyright laws.
© 2011 Hydrocarbon Processing. © 2011 Gulf Publishing Company.