Approximately 200,000 miles of these interstate natural gas transmission pipelines in the US supply 25 percent of the nation's energy. Pipeline safety has been a major issue in recent years, highlighted by the San Bruno, Calif. pipeline explosion that killed eight people and destroyed 38 homes in the Bay Area in September 2010.
In Friday's public warning, ICS-CERT reaffirms that its "analysis of the malware and artifacts associated with these cyber attacks has positively identified this activity as related to a single campaign from a single source." It goes on to broadly describe a sophisticated "spear-phishing" campaign – an approach in which cyber attackers attempt to establish digital beachheads within corporate networks.
Spear-phishing has become one of the attack vectors of choice for cyber spies intent on infiltrating corporate networks. In such an attack, a specific person in the organization is researched, often using social networking sites like Facebook or LinkedIn in order to carefully craft a convincing e-mail that appears to be from a close associate.
But the seemingly benign e-mail typically contains a malicious software attachment or link. Once clicked on or opened, the malware or link creates a back-door for a hacker to then gain entry and begin prowling for valuable data.
Yet there are several intriguing and unusual aspects of the attacks and the US response to them not described in Friday's public notice. One is the greater level of detail in these alerts than in past alerts. Another is the unusual if not unprecedented request to leave the cyber spies alone for a little while.