US utility's control systems hit by advanced cyber attack - DHS
The Department of Homeland Security (DHS) did not name the utility in a report released this week by the agency’s Industrial Control Systems Cyber Emergency Response Team (ICS-CERT).
"While unauthorized access was identified, ICS-CERT was able to work with the affected entity to put in place mitigation strategies and ensure the security of their control systems before there was any impact to operations," a DHS official told Reuters.
The agency report said that investigators had determined the utility was likely a victim of previous attacks, though it did not elaborate.
Cyber-attacks of this kind are rarely disclosed by ICS-CERT, which is often secretive about its investigations in order to encourage businesses to offer information to the government, according to Reuters. In addition, companies are often hesitant to share information with the public should the attacks result in negative publicity.
DHS said the hacking group may have launched the latest attack via an internet portal that allowed workers to access the utility’s control systems. DHS added that the utility’s system employed a simple password mechanism that could have been compromised by “brute forcing,” when hackers digitally force their way into a system using a variety of password combinations.
In the report, DHS also described another hack of a control system server connected to “a mechanical device.” DHS offered few details about the case, except that the attacker had access over an extended period, yet no attempts were made to manipulate the system.
"Internet facing devices have become a serious concern over the past few years," the agency said in the report.
Utility companies' vulnerability to cyber threats has been a point of concern for the US government and susceptible businesses. A particular worry is for the electric grid, as power companies employ Supervisory Control and Data Acquisition (SCADA) networks to control their systems. SCADA networks are made to keep the grid completely efficient, but not necessarily secure, according to DailyTech.
Earlier this month, the Federal Bureau of Investigation said it will aggressively crack down on cyber crime over the next few weeks, with a bureau official advising the public to anticipate indictments, searches, and multiple arrests.
On Monday, the US indicted five members of the Chinese military with hacking into American computer networks and engaging in cyber espionage for a foreign government. Among the entities targeted were nuclear technology developer Westinghouse and a large integrated specialties metal company headquarters in Pittsburgh, according to the Department of Justice.
Beijing reacted to Washington’s industrial espionage accusations by publishing its latest data on US cyber-attacks against China.
The 2013 ICS-CERT responded to 256 cyber-incident reports, with more than half in the energy sector. Though that is nearly double the number in 2012, there was not one incident that caused a major problem.
The 2013 incidents include hacking into systems via internet portals exposed over the web, using malicious software through thumb drives, and exploitation of software vulnerabilities.