Critical infrastructure sector sees big uptick in breach attempts

U.S. critical infrastructure systems experienced a 20 percent increase in attempted cybersecurity breaches in fiscal year 2015, according to an end-of-the-year report from the Department of Homeland Security's Industrial Control Systems Cybersecurity Emergency Response Team, a group tasked with reducing the risk of cyber attack against U.S. critical infrastructure.

According to the report, the ICS-CERT responded to 295 cybersecurity incidents involving critical infrastructure, compared to fiscal 2014's 245.

Despite the increase in total number of incidents, last year's most commonly targeted sector, Energy, experienced a 42 percent decline in breach attempts. Increased efforts to crack the critical manufacturing sector helped add to the overall gain. That sector was the primary target of "a widespread spear-phishing campaign," the report stated.

Hackers are increasingly going after low-hanging fruit. DHS "responded to a significant number of incidents enabled by insufficiently architected networks," the report noted. "It is uncertain if this was a change in targeting by adversaries, if these systems merely represented targets of opportunity, or if there is some other explanation."

In fiscal 2014, there were 42 "relatively easy to execute and demonstrably effective" spear phishing incidents. In fiscal 2015, that number surged to 109. The report stressed the need for infrastructure operators to remove easily exploited vulnerabilities from their systems and move to real time network monitoring.

Some organizations have improved their deftness at independently handling security threats. Unsuccessful or successfully thwarted incidents comprised 69 percent of the total incidents, up almost 30 percent from fiscal year 2014.