Friday, May 11, 2012

CSM Exclusive: potential China link to cyberattacks on gas pipeline companies

Following up on Tuesday's "Natural Gas Pipelines under Cyberattack".
From the Christian Science Monitor:
Investigators hot on the trail of cyberspies trying to infiltrate the computer networks of US natural-gas pipeline companies say that the same spies were very likely involved in a major cyberespionage attack a year ago on RSA Inc., a cybersecurity company. And the RSA attack, testified the chief of the National Security Agency (NSA) before Congress recently, is tied to one nation: China.

Three confidential alerts since March and a public report on May 4 by the Department of Homeland Security warn of a "gas pipeline sector cyber intrusion campaign," which apparently began in December. That campaign, against an undisclosed number of companies, is continuing, DHS said in the alerts, which were first reported by the Monitor.

"Analysis of the malware and artifacts associated with these cyber attacks has positively identified this activity as related to a single campaign," DHS said in its public statement May 4. It also described a sophisticated "spear-phishing" campaign – in which seemingly benign e-mails that are actually linked to malicious software are sent to specific company personnel in hopes of gaining access to corporate networks....MORE