If there’s an upside to reports over the past week that the U.S. natural gas pipeline sector has been the target of potentially threatening cyber intrusions, at least we know this: the industry voluntarily came forward about it, in this case to a body at the U.S. Department of Homeland Security known as the Industrial Control Systems-Cyber Emergency Response Team (ICS-CERT), which keep tabs on risks to the country’s critical infrastructure and natural resources.
As first reported by the Christian Science Monitor, since March DHS has been alerting organizations to a cyber-threat campaign aimed at industry networks (and which investigators believe may be linked to the 2011 cyber attack on RSA, Inc.). Last week, DHS confirmed as much in a public monthly bulletin [PDF], which in addition to describing the cyber attacks in question, also highlighted how DHS came to be alerted in the first place:
In this particular campaign, reporting organizations enabled ICS-CERT to analyze the data and create an overall view of the activity in progress. This would not have been possible without the active cooperation of the reporting organizations, so ICS-CERT commends those involved and requests continued private sector reporting whenever possible. ICS-CERT provides secure portal access to critical infrastructure asset owners and government agency personnel who are tasked with protecting critical infrastructure.
