DHS Docs Reveal Details of Cyber Attacks Targeting Energy Sector

A newly revealed DHS intelligence assessment, published by Public Intelligence, a research project that shares documents meant to be secret in order to educate citizens, has revealed how hackers stole sensitive information from American energy companies.

The document, dated January 27, 2016, originated from the Department of Homeland Security and provides some insight into how hackers operate while targeting and sneaking into the American electrical grid.

For instance, aggressive foreign government hackers, or state-sponsored hackers, broke into American companies at least 17 times between October 1, 2013 and September 30, 2014, according to the report. In two instances, hackers managed to worm into American petroleum corporations. In these cases, they are suspected of “exfiltrating data” from one of the two corporations.

Although such intrusions are rare, the DHS report reveals that “highly sophisticated foreign government hackers” have slipped inside the energy grid. Their purpose is to:

“[P]rimarily conduct cyber espionage…to conduct a damaging or disruptive attack in the event of hostilities with the United States.”

While significant, DHS isn’t entirely dismissing such worries offhand. The Department summed up damaging cyberattacks against the U.S. energy sector as “possible, but not likely.”

Citing cyber incidents as “espionage or some other activity” rather than “cyberattacks”, the DHS concludes that there have been “no damaging or destructive attacks” against the American energy sector.

Citing mitigation measures for the energy sector, an excerpt from the classified document reads:

Energy sector asset owners and operators can reduce the risk of malicious activity reaching ICS components by better protecting and securing their enterprise networks. Four relatively simple tactics could result in a significant decrease in compromises.

The tactics are as follows:

  • Implementing up-to-date email filters.
  • Keeping antivirus definitions up-to-date and current.
  • Keeping all software patches up-to-date and current.
  • Training users and employees continually.

The Homeland Security report, an Intelligence Assessment titled “Damaging Cyber Attacks Possible but Not Likely Against the US Energy Sector”, can be found here.
