Report: DHS and FBI Briefing Grid Operators on Sophisticated Cyber Attacks

A spate of reports in recent days has put the media’s attention back on the security of the energy sector and critical infrastructure more broadly. Notably: this CNN report that cites NSA director Admiral Mike Rogers telling the audience at a power grid security conference in San Antonio, Texas in October that “power… is one of the segments that concerns me the most.”

The FBI and Department of Homeland Security are briefing critical infrastructure owners, including electric utilities, on a spate of sophisticated cyber attacks.
The FBI and Department of Homeland Security are briefing critical infrastructure owners, including electric utilities, on a spate of sophisticated cyber attacks.

 

What’s changed? For one: the uptick in ICS-specific malware like BlackEnergy. A spate of attacks based on that malware and others have targeted critical infrastructure players in recent months.

According to a confidential memo obtained by CNN, the FBI and DHS are now traveling the country to warn utilities and other critical infrastructure owners about targeted attacks on industrial control systems. Some of those attacks are exploiting previously unknown (or “zero day”)  vulnerabilities in ICS systems, CNN reported.

The U.S. Government has been warning about the threat of cyber attacks on critical infrastructure for months. In October, the U.S. Government’s Industrial Control System CERT (ICS-CERT) published details of the BlackEnergy campaign which began more than three years ago and has targeted industrial systems that were directly connected to the public Internet.

ICS-CERT said that “HMI” (or Human-Machine Interfaces) products from vendors including GE, Advantech/Broadwin and Siemens may have been infected with variants of the BlackEnergy malware since January, 2012. U.S. CERT says that there have been 79 hacking incidents at energy companies so far in 2014.

Read more via CNN “Hackers attacked the U.S. Energy Grid 79 Times This Year.”