U.S. government officials are traveling the country warning companies about a new round of cyberattacks that have targeted 27 companies, compromised seven and may ultimately affect up to 600 asset owners, according to Neil Hershfield, deputy director, control systems security program (CSSP), Industrial Control Systems-Cyber Emergency Response Team (ICS-CERT), Homeland Security Department.
Hershfield made the comments while taking part in a critical infrastructure protection panel discussion as part of the July 25-27 AFCEA International Cyber Symposium, Baltimore.
“The reason we’re out and about across the country is that we’re seeing a new adversary taking a new approach—rather than spearphishing, they are going after vulnerabilities with [structured query language] injections, and they’re then trying to get across the networks as fast as they can as broadly as they can,” Hershfield reported. “We’ve been working with our intelligence community partners on this and we’re now going around the country letting people know about it. We basically do this jointly with the FBI, with field offices across the country. When we’re done, we’ll probably talk to 500-600 asset owners.”
Getting the word out is crucial because “the mitigation strategy here for this kind of exploit is significantly different than what you might use in other cases,” he added.
Hershfield is part of an industrial control systems working group, a public-private partnership that is co-led by one person from the private sector and another from the government sector. The group typically meets in person twice a year, sharing information between the public and private sectors.