Homeland Security

Critical infrastructure sector sees big uptick in breach attempts

cybersecurity concept

U.S. critical infrastructure systems experienced a 20 percent increase in attempted cybersecurity breaches in fiscal year 2015, according to an end-of-the-year report from the Department of Homeland Security's Industrial Control Systems Cybersecurity Emergency Response Team, a group tasked with reducing the risk of cyber attack against U.S. critical infrastructure.

According to the report, the ICS-CERT responded to 295 cybersecurity incidents involving critical infrastructure, compared to fiscal 2014's 245.

Despite the increase in total number of incidents, last year's most commonly targeted sector, Energy, experienced a 42 percent decline in breach attempts. Increased efforts to crack the critical manufacturing sector helped add to the overall gain. That sector was the primary target of "a widespread spear-phishing campaign," the report stated.

Hackers are increasingly going after low-hanging fruit. DHS "responded to a significant number of incidents enabled by insufficiently architected networks," the report noted. "It is uncertain if this was a change in targeting by adversaries, if these systems merely represented targets of opportunity, or if there is some other explanation."

In fiscal 2014, there were 42 "relatively easy to execute and demonstrably effective" spear phishing incidents. In fiscal 2015, that number surged to 109. The report stressed the need for infrastructure operators to remove easily exploited vulnerabilities from their systems and move to real time network monitoring.

Some organizations have improved their deftness at independently handling security threats. Unsuccessful or successfully thwarted incidents comprised 69 percent of the total incidents, up almost 30 percent from fiscal year 2014.

About the Author

Chase Gunter is a staff writer covering civilian agencies, workforce issues, health IT, open data and innovation.

Prior to joining FCW, Gunter reported for the C-Ville Weekly in Charlottesville, Va., and served as a college sports beat writer for the South Boston (Va.) News and Record. He started at FCW as an editorial fellow before joining the team full-time as a reporter.

Gunter is a graduate of the University of Virginia, where his emphases were English, history and media studies.

Click here for previous articles by Gunter, or connect with him on Twitter: @WChaseGunter

Featured

  • IT Modernization
    Eisenhower Executive Office Building (Image: Wikimedia Commons)

    OMB's user guide to the MGT Act

    The Office of Management and Budget is working on a rules-of-the-road document to cover how agencies can seek and use funds under the MGT Act.

  • global network (Pushish Images/Shutterstock.com)

    As others see us -- a few surprises

    A recent dinner with civil servants from Asia delivered some interesting insights, Steve Kelman writes.

  • FCW Perspectives
    cloud (Singkham/Shutterstock.com)

    A smarter approach to cloud

    Advances in cloud technology are shifting the focus toward choosing the right tool for the job and crafting solutions that truly modernize systems.

Stay Connected

FCW Update

Sign up for our newsletter.

I agree to this site's Privacy Policy.