DHS reports surge in cyber attacks against critical infrastructure
Wednesday - 7/4/2012, 5:15pm EDT
In 2011, companies reported 198 cyber incidents to the Homeland Security Department — a nearly 383 percent increase over 2010, according to a June 28 report from the Industrial Control Systems Cyber Emergency Response Team (ICS-CERT). Companies reported nine such incidents in 2009, when DHS opened ICS-CERT to help protect private-sector operators of critical infrastructure from "emerging" cyber threats.
Water facilities claimed the lion's share of reported incidents, about 41 percent. ICS-CERT also logged reports from energy, nuclear and chemical facilities.
For seven of the reported cases in 2011, ICS-CERT deployed on-site incident response teams at the behest of the companies involved.
Based on those on-site deployments, the agency pointed to some trends and commonalities among the incidents.
Spear-phishing most common method
The most common method of network intrusions was spear-phishing emails containing malicious links or attachments. Of the 17 incidents ICS-CERT investigated more closely, seven used spear phishing.
ICS-CERT also found many companies inadequately equipped to handle network intrusions. In 12 of the 17 cases, implementing certain security features, such as limiting log-ins and properly configuring firewalls, "could have deterred the attack, significantly reduced the time to detect the attack or at least reduced the impact of the incident," according to the report.
Most of the companies the agency responded to were also lacking tools to detect intrusions into their networks.
The security gaps fall into three broad categories, ICS-CERT said: people, process and technology. Companies can be hindered by employees who don't understand risks, a lack of sufficient security strategies and inadequate technology.
As the number and sophistication of cyber intrusions continue to increase, ICS-CERT issued guidance on what companies should do to respond to cyber attacks.