Energy sector tops list of US industries under cyber attack, says Homeland Security report

Washington, DC. March 12, 2015 — A report issued today by the US Department for Homeland Security says that in 2014 the Industrial Control Systems Cyber Emergency Response Team (ICS-CERT) responded to 245 incidents reported by asset owners and industry partners.

The energy sector, says Jeremy Cowan, led all others again in 2014 with 79 reported incidents, followed by manufacturing at 65 and worryingly healthcare at 15 reported incidents. ICS-CERT’s continuing partnership with the Energy sector reportedly provides many opportunities to share information and collaborate on incident response efforts.

Also noteworthy in 2014 were the incidents reported by the Critical Manufacturing sector, some of which were from control systems equipment manufacturers. The ICS vendor community may be a target for sophisticated threat actors for a variety of reasons, including economic espionage and reconnaissance. Of the total number of incidents reported to ICS-CERT, roughly 55% involved advanced persistent threats (APT) or sophisticated actors.

 

Security.ICS-CERT_Monitor.crop

Other actor types included hacktivists, insider threats, and criminals. In many cases, the threat actors were unknown due to a lack of attributional data, says the US Department. The scope of incidents encompassed a vast range of threats and observed methods for attempting to gain access to both business and control systems infrastructure, including but not limited to the following:

  • Unauthorised access and exploitation of Internet facing ICS/Supervisory Control and Data Acquisition (SCADA) devices
  • Exploitation of zero-day vulnerabilities in control system devices and software
  • Malware infections within air-gapped control system networks
  • SQL injection via exploitation of web application vulnerabilities
  • Network scanning and probing
  • Lateral movement between network zones
  • Targeted spear-phishing campaigns
  • Strategic web site compromises (a.k.a., watering hole attacks.)

The majority of incidents were categorised as having an “unknown” access vector. In these instances, the organisation was confirmed to be compromised; however, forensic evidence did not point to a method used for intrusion because of a lack of detection and monitoring capabilities within the compromised network.

Security.2.ICS-CERT_gov_sites.crop

Rob Miller, security consultant at MWR InfoSecurity, tells M2M Now, “Many organisations we work with are taking these reports very seriously. The report shows that the rate of new vulnerabilities being discovered in ICS equipment has remained steady for the last four years. ICS operators cannot therefore rely on vendors taking care of their security for them.

“Organisations may feel that their ICS systems are beyond the reach of attackers, but attacks like those against the Norwegian oil sector last year have demonstrated these assumptions to be false. ICS, far from being an air-gapped, proprietary system, is now often integrated to our IT networks as companies strive to improve performance and reduce costs. This can be done without impacting security, but only if security is considered during its design.”

Miller concludes, “Ultimately, better ICS security comes from not only controlling the borders of an ICS system, but by also introducing the ability to monitor and detect attacks, and through training of staff to respond appropriately.”

You can comment on this article below, or via Twitter:   @jcm2m     OR      @m2mnow

FEATURED IoT STORIES

9 IoT applications that will change everything

Posted on: September 1, 2021

Whether you are a future-minded CEO, tech-driven CEO or IT leader, you’ve come across the term IoT before. It’s often used alongside superlatives regarding how it will revolutionize the way you work, play, and live. But is it just another buzzword, or is it the as-promised technological holy grail? The truth is that Internet of

Read more

Which IoT Platform 2021? IoT Now Enterprise Buyers’ Guide

Posted on: August 30, 2021

There are several different parts in a complete IoT solution, all of which must work together to get the result needed, write IoT Now Enterprise Buyers’ Guide – Which IoT Platform 2021? authors Robin Duke-Woolley, the CEO and Bill Ingle, a senior analyst, at Beecham Research. Figure 1 shows these parts and, although not all

Read more

CAT-M1 vs NB-IoT – examining the real differences

Posted on: June 21, 2021

As industry players look to provide the next generation of IoT connectivity, two different standards have emerged under release 13 of 3GPP – CAT-M1 and NB-IoT.

Read more

IoT and home automation: What does the future hold?

Posted on: June 10, 2020

Once a dream, iot home automation is slowly but steadily becoming a part of daily lives around the world. In fact, it is believed that the global market for smart home automation will reach $40 billion by 2020.

Read more
RECENT ARTICLES

US businesses show IoT investment resilience, despite pandemic

Posted on: September 20, 2021

Despite the adversity caused by the COVID-19 pandemic, grounds for optimism remain for IoT spending in the US.

Read more

Tyk secures $35M investment to revolutionise software delivery for enterprises

Posted on: September 20, 2021

Tyk, a London-based global tech company, announced it has closed a $35M (€29.87M) growth equity funding round led by new investors Scottish Equity Partners (SEP), alongside existing investors MMC Ventures.

Read more