Natural gas pipeline companies under siege, DHS arm warns

Share this article:

Since around Christmas, natural gas pipelines in the United States have been under attack from a focused group of adversaries, according to a recent alert released by a Department of Homeland Security (DHS) cyber watchdog.

The alert, part of the Industrial Control Systems Cyber Emergency Response Team's (ICS-CERT) "Monthly Monitor" report, warned that officials have received reports of a number of attempted and successful intrusions into the networks of organizations affiliated with the natural gas pipeline industry.

"Analysis of the malware and artifacts associated with these cyber attacks has positively identified this activity as related to a single campaign," the alert said. "The campaign appears to have started in late December 2011 and is active today."

Attackers appear to be using a common method to gain a network foothold: social engineering, according to ICS-CERT. They are targeting a select few targets and delivering legitimate-looking emails that appear to come from a trusted colleague, a tactic known as spear phishing.

ICS-CERT, which did not identify the adversaries, is trying to determine the breadth of the infection, as well as developing ways to both detect and remove the malware.

"ICS-CERT has conducted a series of briefings across the country to share information related to the intrusion activity with asset owners [and] operators," it said. "ICS-CERT will continue to work with private sector and government partners to respond to this and other cyber threats."

According to a 2007 U.S. Department of Energy document, there are more than 210 natural gas systems covered by 300,000 miles of pipes. Texas has more pipelines running through it than the next nearest state (Louisiana), by a roughly three-to-one margin.

Government organizations and private-sector security experts have been warning for several years how susceptible critical infrastructure organizations are to cyber attacks, especially as control systems become increasingly connected to the public internet.

DHS spokesman Peter Boogaard told SCMagazine.com in an email on Monday that ICS-CERT has been collaborating with private companies in the oil-and-gas sector since March. 

"DHS is coordinating with the FBI and appropriate federal agencies, and ICS-CERT is working with affected organizations to prepare mitigation plans customized to their current network and security configurations to detect, mitigate and prevent such threats," he said.

Share this article:
You must be a registered member of SC Magazine to post a comment.

Sign up to our newsletters

More in News

Beazley: employee errors root of most data breaches, but malware incidents cost ...

Insurance firm Beazley analyzed more than 1,500 data breaches it serviced between 2013 and 2014.

Apple issues seven updates, fixes more than 40 vulnerabilities in iOS 8, OS 10.9.5

Apple issues seven updates, fixes more than 40 ...

In one of its infrequent "Update Surprisedays," Apple plugged holes, boosted security and added features.

Canadian telecom co. Telus unveils first transparency report

The company received more than 100,000 government requests for customer data last year.