The spear-phishing
attacks laying siege to networks in the natural gas pipeline industry
apparently are being carried out by the same group that hacked RSA
security last year. The attacks, which have been occurring since late
this past March, have targeted several of the country's natural gas
pipeline companies.
According to U.S. officials,
it's unclear if a foreign power is trying to map the gas systems or if
hackers are attempting to harm the pipelines. A previous attack on the
oil and gas sector seemed to originate in China.
DHS supplied the pipeline industry and
its security experts with digital signatures, or "indicators of
compromise" (IOCs). Those indicators included computer file names,
computer IP addresses, domain names, and other key information
associated with the cyberspies, which companies could use to check their
networks for signs they’ve been infiltrated.
DHS officials and a spokesman
have acknowledged they are working with the FBI to find out who may be
behind the intrusions and malicious emails. The Monitor reports that
some investigators now believe that the campaign is tied to another
attack last year against cybersecurity company RSA, which the head of
the National Security Agency told Congress could be traced back to
China.
The group responsible for the
RSA attacks has also been linked to several previous hacking incidents
around the globe.Politico reports that these recent attacks, combined
with the devastating 2010 natural gas pipeline explosion in California,
illustrate the potential dangers of the rapidly expanding gas pipeline
network.
The oil and gas sector has been
targeted before. In February 2011 the computer security firm McAfee
discovered a computer intrusion labeled "Night Dragon" that was traced
to China. As part of that attack, individuals tried to obtain sensitive
data and financial documents from the oil and gas companies about bids
and future drilling exploration projects.
No comments:
Post a Comment