Brute-Force Cyber Attacks Intensify on Critical Infrastructure

The Department of Homeland Security’s Industrial Control Systems Cyber Emergency Response Team (ICS-CERT) warned that attacks against critical infrastructure are growing, with more than 200 brute-force cyber attack incidents reported between October and May, surpassing the 198 total attacks in all of FY 2012.

According to a ComputerWorld article, the newly issued report state that more than half of the attacks were against the energy sector – 49 malicious IPs attacked natural gas companies across the Midwest and Plains. A further 17 percent of attacks targeted the manufacturing sector.

On June 24, US-CERT issued the first security alert for leaving the vendors’ default passwords in place on Internet-connected devices. “Any system using password authentication accessible from the internet (sic) may be affected. Critical infrastructure and other important embedded systems, appliance and devices are of particular concern,” the alert warns, adding that it is imperative to change the manufacturer’s password, as the lists of such defaults are easily obtained online.

ON DEMAND: Business-impacting events such as severe weather, man-made disasters, and supply chain disruption are increasing in frequency and making impacts around the globe.

In today's rapidly evolving security landscape, organizations face an ever-growing array of disruptive events, security threats and risks. Traditional reactive approaches to security intelligence often leave businesses vulnerable and ill-prepared to anticipate and mitigate emerging threats that could impact the safety of their people, facilities or operations.