April 6, 2016 by

DHS Docs Reveal Details of Cyber Attacks Targeting Energy Sector

A newly revealed DHS intelligence assessment, published by Public Intelligence (a research project that shares documents that are meant to be secretive in order to educate citizens), has revealed how hackers stole sensitive information from American energy companies.

The document, dated January 27, 2016, originated from the Department of Homeland Security and provides some insight into the means by which hackers operate while targeting and sneaking into the American electrical grid.

For instance, aggressive foreign government hackers, or state-sponsored hackers, broke into American companies at least 17 times between October 1, 2013 and September 30, 2014, according to the report. In two instances, hackers managed to worm into American petroleum corporations. In these cases, they are suspected of “exfiltrating data” from one of the two corporations.

Although such cases are rare, the DHS report reveals that “highly sophisticated foreign government hackers” have slipped inside the energy grid. Their purpose is to:

“[P]rimarily conduct cyber espionage…to conduct a damaging or disruptive attack in the event of hostilities with the United States.”

While this is significant, DHS isn’t entirely dismissing such worries offhand. The Department summed up damaging cyberattacks against the U.S. energy sector as “possible, but not likely.”

Describing cyber incidents as “espionage or some other activity” rather than “cyberattacks,” the DHS concludes that there have been “no damaging or destructive attacks” against the American energy sector.

Citing mitigation measures for the energy sector, an excerpt from the classified document reads:

Energy sector asset owners and operators can reduce the risk of malicious activity reaching ICS components by better protecting and securing their enterprise networks. Four relatively simple tactics could result in a significant decrease in compromises.

The tactics are listed as follows:

  • Implementing up-to-date email filters.
  • Keeping antivirus definitions up-to-date and current.
  • Keeping all software patches up-to-date and current.
  • Training users and employees continually.

The Homeland Security report, titled Intelligence Assessment: “Damaging Cyber Attacks Possible but Not Likely Against the US Energy Sector” can be found here.

About the author

LIFARS is the global leader in Digital Forensics and Cyber Resiliency Services. Our experience spans two decades working on high profile events, often in concert with Law Enforcement Agencies around the world. Our proprietary methodology derives directly and indirectly from our experience working with and for U.S. Intelligence Agencies, Interpol, Europol, and NATO. We are solely dedicated to Cyber Resiliency and thus pay close attention to all aspects of our clients’ engagement experience while providing a strategic and integrated array of services to minimize risk and disruption while protecting your brand.