The Department of Homeland Security has issued an alert warning that computer networks connected to privately-owned natural gas pipelines are presently under cyber attack in an “intrusion campaign” that began some four months ago and could extend to Canada.
The “amber” alert, the second highest cyber threat level, has been ongoing since December 2011, when the DHS noted that “multiple natural gas pipeline organizations have reported either attempts or intrusions related to this campaign”.
The reiteration of these alerts coincides with the attempt to push the passage of rival cyber security bills in the House and Senate. The House bill, approved in late April, allows for and encourages companies to share private information that could help avert threats to national security, and offers incentives for voluntary cooperation.
A rival Senate bill, preferred by the White House, proposes obligatory cooperation and cyber security standards and is much less broad both in terms of information-sharing and privacy concerns. Both bills have bipartisan support circles.
There are some 200,000 miles of interstate natural gas pipelines across the U.S. supplying approximately 25 percent of the country’s energy.
According to the DHS, this infrastructure is under attack by a “single source” in a sophisticated “spear-phishing” campaign that is attempting to establish digital beachheads within corporate networks. Phishing is a digital form of social engineering that uses authentic-looking, but fake, e-mails to request information from users or direct them to a fake website that requests information.
As to the origin of the “single source” in this ongoing cyber infiltration, the DHS is silent. On a geopolitical level, Russia, China and Iran are all concerns, while the latter could seek revenge for a number of cyber attacks targeting its nuclear facilities and oil industry.
Individual hackers operating strictly for financial gain are also an option, as is the growing trend towards “hactivism”, which could extend to the environmental venue as an alternative avenue for protesting the use of fossil fuels, among other things.
The US government has been keen of late to target the hactivist group Anonymous, though there are no indications that this group has any designs on critical US energy infrastructure. Rather, its focus is on civil liberties, and most recently, it has vowed action against cyber security bills that would impinge upon privacy.
That said, according to a 2012 report from Verizon, nearly 60 percent of data stolen in cyber attacks last year was the result of hactivism rather than state actors or individual hackers operating solely for financial gain.
As such, the nature of this ongoing cyber attack on US pipeline infrastructure also remains unclear, and could range from attempts to steal corporate data for financial gain to a threat from another state to collection of data for an environmental protest action.
A string of reports issuing from the Government Accountability Office (GAO) since 2009 detail the growing concerns of a cyber attack on critical US energy infrastructure. A 24 April 2012 GAO report, “Cybersecurity Threats Impacting the Nation”, notes that “over the past 6 years, the number of incidents reported by federal agencies to the federal information security incident center has increased by nearly 680 percent.”
Most of these attacks have targeted banks, insurance companies and government databases such as Medicaid, etc. However, in February 2011, media reports stated that computer hackers had broken into and stolen proprietary information worth millions of dollars from the networks of six US and European energy companies, according to the GAO report.
Also related to energy infrastructure, the GAO report notes that in August 2006, two circulation pumps at Unit 3 of the Browns Ferry, Alabama, nuclear power plant failed, forcing the manual shutdown of the unit. “The failure of the pumps was traced to excessive traffic on the control system network, possibly caused by the failure of another control system device.”
By Jen Alic of Oilprice.com
Jen Alic is a geopolitical analyst, co-founder of ISA Intel in Sarajevo and Tel Aviv, and the former editor-in-chief of ISN Security Watch in Zurich.