Cyber attacks on US gas pipeline operators
According to a report in The Christian Science Monitor, a cyber attacker is targeting natural gas pipeline operators in the US. The report states that, since March, the Department of Homeland Security (DHS) has issued at least three confidential warnings at the second highest alert level (Amber) to natural gas suppliers, giving a detailed warning of a wave of attacks.
The attacks have reportedly been ongoing since December of last year. ICS-CERT, which specialises in industrial control system security, has apparently also issued a confidential warning. The attacks are said to have been carried out using spear-phishing techniques, in which criminals use specially crafted virus-infected emails to target specific company employees.
One security specialist quoted in the story is said to have seen the warnings and stated that they contained more detail than any previous warnings, including file names and IP addresses, to help administrators determine whether their networks have been compromised. Where an intrusion is detected, the documents are noted to contain instructions not to take any action against the attacker so long long as the intrusion is not threatening normal day-to-day operations. The report does not indicate what alternatives are provided.
The warnings supposedly detail both attempted and successful attacks. It is yet not clear how many cases are involved or what effects, if any, the cyber attacks may have already had.