Report: Natural Gas Pipeline Companies Subject To Ongoing Cyber Attacks

The Department of Homeland Security has alerted natural gas pipeline companies that they may be subject to a four-month series of cyber attacks, the Christian Science Monitor reports.

Continuing attacks reportedly started in December 2011 and could affect Canadian natural gas pipeline companies as well, according to the DHS alerts. 

The Industrial Control Systems Cyber Emergency Response Team, a Idaho-based branch of DHS, issued a detailed incident response report on Friday, re-asserting what DHS alerts had already told industry. 

ICS-CERT, which helps industry run industrial control systems to maintain security, reported that the cyber intrusions from a single source campaign have affected multiple organizations.

Twenty companies have already reported to ICS-CERT that they have been subject to the series of attacks, Jonathan Pollet, founder of Red Tiger Security, said.

IS-CERT said the attacker is using a sophisticated spear-phishing approach, which allows hackers to infiltrate networks under the disguise of a friendly email from a colleague, opening a back door for hackers to get access to data. 

The report notes the industry affected is responsible for approximately 200,000 miles of interstate natural gas transmission pipelines, providing 25 percent of U.S. energy. 

Unnamed industry experts the CS Monitor the alerts issued by ICS-CERT included in-depth detail on the attacks, specific file names and information companies could use to check if their networks were subject to the series of attacks. 

Companies were instructed to not take mitigative action unless the breach comprised company operations.

An industry expert said this may be a way for the government to gain more intelligence on the attackers.

Estonian President Ilves previously suggested the area most at stake in cyber attacks is organizations’ intellectual property.