Aerosol Posted March 12, 2015 Report Share Posted March 12, 2015 US industrial control systems were hit by cyber attacks at least 245 times over a 12-month period, the US Industrial Control Systems Cyber Emergency Response Team (ICS-CERT) has revealed.The figure was included in a report by the ICS-CERT, which operates within the National Cybersecurity and Integration Center, itself a part of the Department of Homeland Security.The report is classed as covering the 2014 fiscal year which, under US government dates, was between 1 October 2013 and 30 September 2014.“ICS-CERT received and responded to 245 incidents reported by asset owners and industry partners,” the report said.The energy sector accounted for the most incidents at 79, but perhaps the more alarming figure is that 65 incidents concerned cyber infiltration of the manufacturers of ICS hardware.“The ICS vendor community may be a target for sophisticated threat actors for a variety of reasons, including economic espionage and reconnaissance,” the report said.The data below shows the various industries that ICS-CERT was called on to help.The group said that 55 percent of investigated incidents showed signs that advanced persistent threats had been used to breach systems.“Other actor types included hacktivists, insider threats and criminals. In many cases, the threat actors were unknown due to a lack of attributional data,” it added.The graph below shows the various forms of attack methods uncovered by the ICS-CERT, although worryingly the vast majority of attacks were untraceable.The ICS-CERT did reveal, however, that some of its work related to hacks that used the Havex and Black Energy malware revealed during 2014.“ICS-CERT has provided onsite and remote assistance to various critical infrastructure companies to perform forensic analysis of their control systems and conduct a deep dive analysis into Havex and Black Energy malware,” it said.The ICS-CERT also acknowledged that it is highly likely that it was unaware of other incidents that will have occurred during the period.“The 245 incidents are only what was reported to ICS-CERT, either by the asset owner or through relationships with trusted third-party agencies and researchers. Many more incidents occur in critical infrastructure that go unreported,” the report said.The report comes amid rising concerns that industrial control systems are being targeted by Russian hackers, who are seen as new and highly sophisticated players in the cyber arena.Source Quote Link to comment Share on other sites More sharing options...
