Slashdot Mirror

← Back to Stories (view on slashdot.org)

DHS Asked Gas Pipeline Firms To Let Attackers Lurk Inside Networks

Posted by Soulskill on from the what-could-possibly-go-wrong dept.

wiredmikey writes "According to reports, which were confirmed Friday by ICS-CERT (PDF), there has been an active cyber attack campaign targeting the natural gas industry. However, it's the advice from the DHS that should raise some red flags. 'There are several intriguing and unusual aspects of the attacks and the U.S. response to them not described in Friday's public notice,' Mark Clayton wrote. 'One is the greater level of detail in these alerts than in past alerts. Another is the unusual if not unprecedented request to leave the cyber spies alone for a little while.' According to the source, the companies were 'specifically requested in a March 29 alert not to take action to remove the cyber spies if discovered on their networks, but to instead allow them to persist as long as company operations did not appear to be endangered.' While the main motive behind the request is likely to gain information on the attackers, letting them stay close to critical systems is dangerous. The problem lies in the complexities of our critical infrastructures and the many highly specialized embedded systems that comprise them."

5 of 114 comments (clear)

  1. NEWSFLASH: by CanHasDIY · · Score: 5, Funny

    DHS Actually Just Another Terrorist Organization; Few Surprised by Revelation

    --
    An enigma, wrapped in a riddle, shrouded in bacon and cheese
    1. Re:NEWSFLASH: by Dyinobal · · Score: 4, Funny

      They should just rename it "Department of lets see if we can get more funding" Because in reality that is all they are trying to do. DOLSIWCGMF

  2. Headline by girlintraining · · Score: 4, Funny

    Realworld equivalent: "Terrorist shows up at airport with bomb strapped to chest. Security waves him through, asks only that he not threaten anyone prior to detonation."

    --
    #fuckbeta #iamslashdot #dicemustdie
  3. Re:And who were the attackers? by daveschroeder · · Score: 5, Informative

    Yes, it couldn't possibly be adversaries, and people want to do harm to the United States, in an environment where people like you firmly believe that everything must be a "false flag" operation designed to somehow take away your rights.

    ...

    Or, it could be this:

    Capability of the People’s Republic of China to Conduct Cyber Warfare and Computer Network Exploitation
    http://www.uscc.gov/researchpapers/2009/NorthropGrumman_PRC_Cyber_Paper_FINAL_Approved%20Report_16Oct2009.pdf

    Occupying the Information High Ground: Chinese Capabilities for Computer Network Operations and Cyber Espionage
    http://www.uscc.gov/RFP/2012/USCC%20Report_Chinese_CapabilitiesforComputer_NetworkOperationsandCyberEspionage.pdf

    How China Steals Our Secrets
    http://www.nytimes.com/2012/04/03/opinion/how-china-steals-our-secrets.html

    China's Cyber Thievery Is National Policy—And Must Be Challenged
    http://online.wsj.com/article_email/SB10001424052970203718504577178832338032176-lMyQjAxMTAyMDAwOTEwNDkyWj.html

    FBI Traces Trail of Spy Ring to China
    http://online.wsj.com/article_email/SB10001424052970203961204577266892884130620-lMyQjAxMTAyMDAwNzEwNDcyWj.html

    NSA: China is Destroying U.S. Economy Via Security Hacks
    http://www.dailytech.com/NSA+China+is+Destroying+US+Economy+Via+Security+Hacks/article24328.htm

    Chinese Espionage Campaign Targets U.S. Space Technology
    http://www.businessweek.com/news/2012-04-18/chinese-espionage-campaign-targets-u-dot-s-dot-space-technology

    Report: Hackers Seized Control of Computers in NASA’s Jet Propulsion Lab
    http://www.wired.com/threatlevel/2012/03/jet-propulsion-lab-hacked/
    http://oig.nasa.gov/congressional/FINAL_written_statement_for_%20IT_%20hearing_February_26_edit_v2.pdf

    Chinese hackers took control of NASA satellite for 11 minutes
    http://www.geek.com/articles/geek-pick/chinese-hackers-took-control-of-nasa-satellite-for-11-minutes-20111119/

    Chinese hackers suspected of interfering with US satellites
    http://www.guardian.co.uk/technology/2011/oct/27/chinese-hacking-us-satellites-suspected

    Former cybersecurity czar: Every major U.S. company has been hacked by China
    http://www.itworld.com/security/262616/former-cybersecurity-czar-every-major-us-company-has-been-hacked-china

    China Attacked Internet Security Company RSA, Cyber Commander Tells SASC
    http://defense.aol.com/2012/03/27/china-attacked-internet-security-company-rsa-cyber-commander-te/

    Chinese Counterfeit Parts Keep Flowing

  4. Re:Wrong reason? by McMuffin+Man · · Score: 5, Insightful

    Not reacting immediately to advanced, targeted intruders is standard tactics, and recommended by most experts in the field. This is news to Slashdot because folks here usually only deal with mass criminal attacks, which are a different beast entirely.

    This isn't a DHS conspiracy, not even one for new funding. It's just the government advocating reasonable measure even though I'm sure they knew they'd get pilloried for it. I rarely respect the DHS, but in this case I may make an exception.