In a story first reported by The Christian Science Monitor, The United States Industrial Control Systems Cyber Emergency Response Team (ICS-CERT) has issued a warning about an active “spear phishing” campaign targeting companies in the natural gas pipeline sector.
The article cites an April 13 confidential ICS-CERT alert:
ICS-CERT has recently identified an active series of cyber intrusions targeting natural gas pipeline sector companies. Multiple natural gas pipeline organizations have reported either attempts or intrusions related to this campaign. The campaign appears to have started in late December 2011 and is active today.
The public ICS-CERT report states:
Analysis shows that the spear-phishing attempts have targeted a variety of personnel within these organizations; however, the number of persons targeted appears to be tightly focused. In addition, the e-mails have been convincingly crafted to appear as though they were sent from a trusted member internal to the organization.
Spearphishing is the hacking technique in which highly targeted socially engineered emails are sent to a very small number of people. The purpose of a spearphishing email is to deceive the recipient into taking an action, such as opening a malicious attachment, that infiltrates the targeted network. Spearphishing is an infiltration tactic heavily favored by sophisticated attackers.
The Department of Homeland Security warned of the threat of spearphishing when it conducted a mock cyberattack against U.S. infrastructure for the United States Senate earlier this year.
Spearphishing warnings are important. However, as important as detection and remedial action are, prevention is also important. SP Guard from Iconix provides the ability to distinguish real email from spearphishing attacks. Clear here to learn more.