DHS Official Warns of More Cyber Attacks On Industrial Control Systems

Cyber espionage of critical infrastructure and other sensitive facilities is considered to be on the rise, given their exposure to the Internet.

WASHINGTON – A U.S. government cybersecurity official warned that authorities have seen an increase in attacks that penetrate industrial control system networks over the past year, and said they are vulnerable because they are exposed to the Internet.

Industrial control systems are computers that control operations of industrial processes, from energy plants and steel mills to food manufacturing facilities.

“We see more and more that are gaining access to that control system layer,” Marty Edwards, who runs the Department of Homeland Security’s Industrial Control Systems Cyber Emergency Response Team, or ICS-CERT, said via the Business Insider.

ICS-CERT helps U.S. firms investigate suspected cyber attacks on industrial control systems as well as corporate networks.

Interest in critical infrastructure security has surged since late last month when Ukraine authorities blamed a power outage on a cyber attack from Russia, which would make it the first known power outage caused by a cyber attack.

Experts attending the S4 conference of some 300 critical infrastructure security specialists in Miami said the incident has caused U.S. firms to ask whether their systems are vulnerable to similar incidents.

Edwards said he believed the increase in attacks was mainly because more control systems are directly connected to the Internet.

“I am very dismayed at the accessibility of some of these networks … they are just hanging right off the tubes,” he said in an on-stage interview with conference organizer Dale Peterson.

Edwards did not say whether those attacks had caused any service disruptions or threatened public safety.

Sean McBride, a critical infrastructure analyst with iSight Partners who attended the talk, said the increase may reflect more publicity in recent years over risks over cyber attacks, which prompted operators to find more infections.

McBride said he could not say if the increase was troubling because he did not know the intent of the attackers.

Edwards and a DHS spokesman declined to elaborate on his comments.

ICS-CERT said in an alert this week that it had identified malware used in the attack in Ukraine as BlackEnergy 3, a variant of malware that the agency said in 2014 had infected some U.S. critical infrastructure operators.

A DHS official said on Tuesday that government investigators have not confirmed whether the BlackEnergy malware caused the Ukraine incident.

“At this time there is no definitive evidence linking the power outage in Ukraine with the presence of the malware,” said the official, who was not authorized to discuss the matter publicly.

Edwards did not discuss the Ukraine attack during his talk.

If you enjoyed this article and want to receive more valuable industry content like this, click here to sign up for our FREE digital newsletters!

Security Is Our Business, Too

For professionals who recommend, buy and install all types of electronic security equipment, a free subscription to Commercial Integrator + Security Sales & Integration is like having a consultant on call. You’ll find an ideal balance of technology and business coverage, with installation tips and techniques for products and updates on how to add to your bottom line.

A FREE subscription to the top resource for security and integration industry will prove to be invaluable.

Subscribe Today!

Get Our Newsletters