Topics:

Critical Infrastructure | Equipment & Technology

Cyber attacks on critical infrastructure could have been foiled with common precautions

July 2, 2012 | By David Perera

Tools

Of the 17 cybersecurity incidents affecting operators of critical infrastructure serious enough to require onsite deployment by the Homeland Security Department's Industrial control systems cyber emergency response team, 12 could have been prevented--or at least have been reduced in impact--by deployment of recommended practices, says ICS-CERT.

In a report (.pdf) summarizing known incidents from November 2009 (when ICS-CERT came into being) through fiscal 2011, DHS security experts say common precautions such as segmenting networks with properly configured firewalls or login limitations could have also reduced the amount of time to detect the attack. Ten organizations could have detected--but apparently did not--the intrusion after it happened by using filtering to detect outgoing and incoming traffic to known bad Internet protocol addresses or domain names, the report says.

The most common infection vector, it says, was spear-phishing emails with links to malicious websites embedded or attachments containing executable code attached. Spear-phishing accounted for seven of the 17 serious incidents. At least one was caused by an infected USB device.

Theft of data "seems to have been the primary motive" for the intrusions, the report says, also stating that sophisticated threat actors were present in 11 of the 17 incidents.

The number of incidents reported to ICS-CERT increased significantly from fiscals 2010 to 2011--49 in the former, 205 in the latter. It's not clear from reading the report, however, whether that represents a genuine increase in cyber threats or an increase in reporting to ICS-CERT, which is still a new organization,.

For more:
- download the ICS-CERT 2009-2011 incident summary report (.pdf)

Filed Under

cybersecurity, ICS-CERT, National Cyber Security Division

Comments

View the discussion thread.

Popular Stories

Most Read
Most Shared

THE LIBRARY: WEBINAR

Federal security concerns and the cloud

| Now Available On-demand | Hosted by: FierceGovernmentIT | Sponsored by: CommVault

Join FierceGovernmentIT for a webinar while we discuss the extent to which data security concerns act as a cloud computing adoption obstacle, the extent to which the can be mitigated and the resulting impacts those mitigations may have on use cases and deployment. Watch Today.

MORE ITEMS

Latest Commentary

Misreading Border Patrol statistics

The Constitution protects even Tsarnaev

Coast Guard budget cuts have long term effects

Irrationality and Patrick Meehan's fear of Iran

Ninth Circuit laptop ruling good for civil rights, good for border security

The 2013 Cyber Security Summit: September 25th New York, NY September 25 — New York, NY

MORE EVENTS

Press Releases

Featured Jobs

Sponsored Links

Cyber attacks on critical infrastructure could have been foiled with common precautions

Comments

THE LIBRARY: WEBINAR

EVENTS

A publication of FierceMarkets

The FierceMarkets Network:

Telecom

Marketing & Retail

Healthcare

Government

Energy

Life Sciences

Enterprise IT

Finance

Cyber attacks on critical infrastructure could have been foiled with common precautions

Comments

Join 12,000+ Insiders SIGN UP FOR OUR NEWSLETTER

THE LIBRARY: WEBINAR

EVENTS

A publication of FierceMarkets

The FierceMarkets Network:

Telecom

Marketing & Retail

Healthcare

Government

Energy

Life Sciences

Enterprise IT

Finance