Natural gas pipeline companies under siege, DHS arm warns

Share this article:

Since around Christmas, natural gas pipelines in the United States have been under attack from a focused group of adversaries, according to a recent alert released by a Department of Homeland Security (DHS) cyber watchdog.

The alert, part of the Industrial Control Systems Cyber Emergency Response Team's (ICS-CERT) "Monthly Monitor" report, warned that officials have received reports of a number of attempted and successful intrusions into the networks of organizations affiliated with the natural gas pipeline industry.

"Analysis of the malware and artifacts associated with these cyber attacks has positively identified this activity as related to a single campaign," the alert said. "The campaign appears to have started in late December 2011 and is active today."

Attackers appear to be using a common method to gain a network foothold: social engineering, according to ICS-CERT. They are targeting a select few targets and delivering legitimate-looking emails that appear to come from a trusted colleague, a tactic known as spear phishing.

ICS-CERT, which did not identify the adversaries, is trying to determine the breadth of the infection, as well as developing ways to both detect and remove the malware.

"ICS-CERT has conducted a series of briefings across the country to share information related to the intrusion activity with asset owners [and] operators," it said. "ICS-CERT will continue to work with private sector and government partners to respond to this and other cyber threats."

According to a 2007 U.S. Department of Energy document, there are more than 210 natural gas systems covered by 300,000 miles of pipes. Texas has more pipelines running through it than the next nearest state (Louisiana), by a roughly three-to-one margin.

Government organizations and private-sector security experts have been warning for several years how susceptible critical infrastructure organizations are to cyber attacks, especially as control systems become increasingly connected to the public internet.

DHS spokesman Peter Boogaard told SCMagazine.com in an email on Monday that ICS-CERT has been collaborating with private companies in the oil-and-gas sector since March. 

"DHS is coordinating with the FBI and appropriate federal agencies, and ICS-CERT is working with affected organizations to prepare mitigation plans customized to their current network and security configurations to detect, mitigate and prevent such threats," he said.

Share this article:
You must be a registered member of SC Magazine to post a comment.

Sign up to our newsletters

TOP COMMENTS

More in News

Hackers grab email addresses of CurrentC pilot participants

Hackers grab email addresses of CurrentC pilot participants

Although the hack didn't breach the mobile payment app itself, consumer confidence may be shaken.

Operators disable firewall features to increase network performance, survey finds

Operators disable firewall features to increase network performance, ...

McAfee found that 60 percent of 504 surveyed IT professionals prioritize security as the primary driver of network design.

PCI publishes guidance on security awareness programs

PCI publishes guidance on security awareness programs

The guidance, developed by a PCI Special Interest Group, will help merchants educate staff on protecting cardholder data.