Story

Alerts say major cyber attack aimed at gas pipeline industry

A major cyber attack is currently under way aimed squarely at computer networks belonging to US natural gas pipeline companies, according to alerts issued to the industry by the US Department of Homeland Security.

At least three confidential "amber" alerts – the second most sensitive next to "red" – were issued by DHS beginning March 29, all warning of a "gas pipeline sector cyber intrusion campaign" against multiple pipeline companies. But the wave of cyber attacks, which apparently began four months ago – and may also affect Canadian natural gas pipeline companies – is continuing.

That fact was reaffirmed late Friday in a public, albeit less detailed, "incident response" report from the Industrial Control Systems Cyber Emergency Response Team (ICS-CERT), an arm of DHS based in Idaho Falls. It reiterated warnings in the earlier confidential alerts made directly to pipeline companies and some power companies.

Is the cyberwarfare arms race for real? Survey of world experts says it is

The ICS-CERT is charged with helping secure the nation's industrial control systems – computerized systems that open and close valves, switches and factory processes vital to the chemical, industrial, and power sectors. Their "fly away" teams visit factories, power plants, and pipeline companies to investigate cyber intrusions.

"ICS-CERT has recently identified an active series of cyber intrusions targeting natural gas pipeline sector companies," the confidential April 13 alert warns. "Multiple natural gas pipeline organizations have reported either attempts or intrusions related to this campaign. The campaign appears to have started in late December 2011 and is active today."

Safeguarding industrial control systems from cyber attack is a major point of debate right now in Congress, which has been wrangling over whether to grant the federal government authority to require that vital sectors like the electric utility, oil and gas, and chemical industries meet certain levels of cyber security.