SecureWorld News

Report: Malware Has Been Planted On U.S. Critical Infrastructure

Written by SecureWorld News Team | Thu | Apr 7, 2016 | 7:22 PM Z

By Stormi O'Donnell
SecureWorld Media

What will it take before we get serious about securing critical infrastructure? A new report from the Department of Homeland Security highlights the seriousness of criminals targeting critical infrastructure, specifically the energy sector. The report somewhat (that's being polite) downplays the threats, but if you dig into the details it quickly becomes apparent that the threats and attacks should not be taken lightly.


Let's break down this portion of the report. First, the report states that the threat of a damaging cyber-attack on the U.S. energy sector is low. Good news, right? Not so fast: the report then states that attackers targeting industrial control systems (ICS) are introducing malware into systems, and most attackers are "probably" focused on gaining and maintaining access to critical infrastructure. Furthermore, the report states that these attacks are state-sponsored, but not to worry, because the cyber-spies "probably" wouldn't launch a "damaging or disruptive" attack unless their country was involved in a conflict with the U.S.

So, at least 17 times, hackers were able to gain access to U.S. energy systems? Don't worry, though: they didn't cause any damage. Instead, they just stole data and maintained a presence on industrial control systems. While no physical damage was done, does this sound like something that should be considered a low-level threat? I'll let you be the judge.

The Industrial Control Systems Cyber Emergency Response Team found an ongoing malware campaign in late 2014 that apparently started in 2011. Researchers believe that state-sponsored Russian hackers were to blame for the 3-year attack.

So, the U.S. has criminals stealing data and planting malware on critical infrastructure, but researchers believe the threat of a damaging or disruptive attack on the U.S. energy sector remains low. Data usually speaks for itself, and this case is no different. This report raises more questions than it answers. What constitutes a moderate threat?