Dive Summary:
- The Department of Homeland Security (DHS) recently sent out an alert warning utility and nuclear industry CEOs about a recent spate of cyberattacks that deployed basic tools to break into power company networks, the Houston Chronicle reported after obtaining the alert.
- A source said he received the undated alert from the Department on Monday. The alert apparently was an expanded follow-up on the online attacks that prompted the first department alert May 9. The DHS has warned energy companies to strengthen security following various physical and online attacks threatening electricity infrastructure and equipment.
- "In at least one case, the attackers successfully obtained all the information needed to access the industrial control systems environment," the memo said of the online attacks. Furthermore, the most recent U.S. attacks hitting several companies have involved simple hacking approaches such as password hacking and common malicious software that can harm an old system not protected against the malware.
From the article:
“While the identified tools and techniques are common and easy to obtain in the public domain, it is notable that attackers successfully deployed them against several U.S. energy and critical manufacturing sector targets over a period of weeks," the memo said.