Cyberattacks against critical manufacturers nearly doubled in 2015: government report

Cyberattacks waged against the nation’s critical manufacturing sector nearly doubled in fiscal year 2015, government experts said in a new report.

The Department of Homeland Security’s Industrial Control Systems Cybersecurity Emergency Response Team, or ICS-CERT, said in a report released last week that its investigators responded to 295 cyber incidents in the year ending Sept. 30 2015, including 97 reported attacks against the critical manufacturing sector, which includes the makers of goods such as primary metals, machinery and electrical and transportation equipment.

Overall, ICS-CERT said the number of cyber incidents reported during the last fiscal year constituted a 20 percent increase over 2014, with the amount of attacks waged specifically against critical manufacturers having nearly doubled year over year. The energy sector was hit the next hardest with 46 suspected incidents in 2015, followed by 25 suffered by the water and wasterwater systems sector and 23 reported by the transportation industry, the department said.

While the report described some of the cyberattacks as “sophisticated intrusions,” ICS-CERT attributed the increase in the number of incidents on “insufficiently architected networks,” such as control systems that can be accessed through the public-facing Internet. Coupled with spear phishing — a type of attack in which specific individuals are asked to click seemingly innocuous links or software which in turn compromises an entire computer or network — the report suggests that poor security practices on the part computer users employed within the critical manufacturing industry played a part in the increase in attacks as well.

“Being relatively easy to execute and demonstrably effective, spear phishing continues to be a common method of initial access against critical infrastructure targets,” reads a portion of the report, which stated elsewhere that the tactic was used in around 37 percent of the incidents investigated during the last fiscal year by the agency.

“It is uncertain if this was a change in targeting by adversaries, if these systems merely represented targets of opportunity or if there is some other explanation. Regardless of cause, this reinforces the need for asset owners/operators to focus on security fundamentals” and best practices, the report continued.

---

SEE ALSO: Diesel engine trouble while in Iranian waters led to easy seizure of U.S. Navy boats

---

Although DHS neglected to explain if any proprietary or critical information was stolen during the hacks or if any networks were damaged, the statistics support claims made last week by the director of ICS-CERT at a summit it Florida.

“I am very dismayed at the accessibility of some of these networks. … They are just hanging right off the tubes,” Marty Edwards told attendees at the 24 conference in Miami on Wednesday. “We see more and more that are gaining access to that control system layer.”

Government investigators said there was evidence that suggests 12 percent of the cyber incidents reported during the last fiscal year yielded a successful intrusions with respect to targeted control system environments, up from 9 percent one year earlier.