Seek and Destroy: U.S. Energy Firms Warned of Recent IT Threats
Last Thursday, the U.S. government released a warning about the increasing risk of cyber attacks targeting critical energy corporations; seeking to destroy or manipulate industrial machinery in attempts to seize control of networks that deliver energy or run industrial processes, according to NYTimes.com and Washington Post.
According to the Washington Post, the unclassified alert was issued by the Depart. of Homeland Security’s Industrial Control Systems Cyber Emergency Response Team or ICS-CERT, and released on a computer network accessible only to authorized industry and government users (hence why you won’t find a link to the report here).
NYTimes.com reports a key distinction in the latest warnings about the potential new attacks as attempts to destroy, rather than just obtain or steal information from U.S. companies. While the majority of previous attacks have been motivated by gaining competitive advantages by stealing trade secrets, the newest threats appear to be motivated by the intention to shut down industrial machinery and energy delivery.
The article also reports that senior officials briefed on the latest attacks claimed they targeted the administrative systems of 10 major unnamed U.S. energy companies. Another U.S. official reports the warning was released after intrusion to a corporate system that deals with chemical processes. The Washington Post also reports that foreign adversaries have been probing the computer systems that operate chemical, electric and water plants.
In February, an executive order was issued to direct federal agencies to provide timely information about threats to cybersecurity to the industry to enable proactive measures to protect their company and consumers, as well as critical infrastructure. The latest warning points out that the most likely targets, such as phone networks and electric utility grids are privately owned entities and not federally-run.
What is currently going on with federal cybersecurity? NYTimes Tech Blog, Bits, reports that the Dept. of Homeland Security has recently lost four top cybersecurity officials as they departed from office in the last four months – including Richard Spires, the former CIO of DHS, who did not provide a reason for resignation after being on administrative leave since March 15, according to the Washington Business Journal. The agency reports needing to expand its workforce by as many as 600, citing a need to employ a large number of skilled hackers to keep up with developing threats.
Back in last November, I wrote an article, Another Dead End for U.S. Cybersecurity? on the struggles of passing a cybersecurity bill in Senate that would set standards for companies that operate critical U.S. infrastructure, including power grids and chemical plants. While the executive order recently administered may supersede the twice-stalled and once-revised bill, significant time (potential R&D time) has been lost in thwarting bipartisan attempts in national cybersecurity.
NYTimes.com reports that there are no clear technical security standards outlined in the warning from last week other than to adhere to best practices that “many computer professionals already advise.” So, why not read up about our technical security services and also industry best practices, from daily log review to two-factor authentication for VPN (Virtual Private Network) to web application firewalls (WAFs).
Encrypting data, whether at rest or in transit, is another best practice that can enhance data privacy while meeting federal and industry data security compliance standards. Join our upcoming Encryption – Perspective on Privacy, Security & Compliance webinar on June 11 and submit your security questions in advance for a chance to discuss encryption with security professional Chris Heuman, Practice Leader for RISC Management and Consulting.
Cyberattacks Against U.S. Corporations Are on the Rise
Tough Times at Homeland Security
U.S. Warns Industry of Heightened Risk of Cyberattack
Richard Spires Resigns as DHS CIO After Taking Administrative Leave
(image: IT threats / shutterstock)
Online Tech (www.OnlineTech.com) is the leader in secure and compliant hosting services including private cloud hosting, managed cloud hosting, hybrid cloud hosting, managed dedicated servers, disaster recovery and offsite backup services, and Michigan colocation. Online Tech’s legacy of independent HIPAA, PCI, SAS 70 Type II, SSAE 16 Type II (SOC 1), SOC 2, and SOC 3 audits and reports ...
Other Posts by Thu Pham
The moderated business community for business intelligence, predictive analytics, and data professionals.