Federal officials recently uncovered a cyber plot to infect various natural gas pipeline companies with malware.
A report from the Homeland Security Department's Industrial Control Systems Cyber Emergency Response Team (ICS-CERT) said this "active series of cyber intrusions" is related to a single spear-phishing campaign that dates back to December.
Spear-phishing attacks target specific people - and the confidential information to which they have access - via emails that appear to be from trusted sources. Interacting with these messages, however, can unleash the malware and provide the scammers with access to a wealth of data about the target companies.
In its April monthly monitor, ICS-CERT said the "number of persons targeted appears to be tightly focused."
ICS-CERT said it is "currently engaged with multiple organizations to provide remote and onsite analytic assistance to confirm the compromise." It has also issued an alert and conducted briefings with oil and natural gas pipeline companies to warn them about the problem.
"ICS-CERT does NOT recommend enabling the intrusion activity to persist within networks and has been working aggressively with affected organizations to prepare mitigation plans customized to their current network security configurations to remove the threat and harden networks from re-infection," the agency said.
The ability of the government to work with private companies in the event of a cyber attack is the subject of a controversial piece of legislation currently making its way through Congress. The Cyber Information Sharing & Protection Act (CISPA) is intended to allow for information-sharing between private companies and the government in the event of a cyber attack, and it recently passed the House. Detractors, however, fear that CISPA will give tech companies carte blanche to hand over all user data in the name of cyber security.
In its alert, ICS-CERT said that "in this particular campaign, reporting organizations enabled ICS-CERT to analyze the data and create an overall view of the activity in progress. This would not have been possible without the active cooperation of the reporting organizations, so ICS-CERT commends those involved and requests continued private sector reporting whenever possible."
In a statement, Brian Contos, senior director and customer security strategist at McAfee, said "many organizations within the public sector have been engaging in what is called 'cyber readiness,' which boils down to having holistic operational visibility for more rapid threat acquisition and response. For this to be effective a heightened level of intelligence is required."
"What we thought kept us secure the last 20 years won't keep us secure the next; as the enemy matures and adapts so must we," Contos concluded.
Back in November, DHS and the FBI shot down reports that a cyber attack took down a pump at an Illinois public water utility. That came about a month after a DHS memo suggested that hacker collective Anonymous might one day target industrial control systems (ICS) in the U.S., though it is not yet organized enough for the endeavor.
For more, see Top 5 Biggest Concerns About CISPA.
For more from Chloe, follow her on Twitter @ChloeAlbanesius.
