The Christian Science Monitor has reported that three confidential alerts since March by the Department of Homeland Security have warned that the networks of gas pipeline companies have been under a cyber attack campaign since last December. That campaign, against an undisclosed number of companies, is continuing, the Department said.
Discovery of the apparent link between the gas-pipeline and RSA hackers was first made last month by Critical Intelligence, a cybersecurity firm in Idaho Falls, Idaho.
[Robert Huber, Co-founder of Critical Intelligence.]: "The indicators DHS provided to hunt for the gas-pipeline attackers included several that, when we checked them, turned out to be related to those used by the perpetrators of the RSA attack. While this isn't conclusive proof of a connection, it makes it highly likely that the same actor was involved in both intrusions."
Gen. Keith Alexander, chief of US Cyber Command, who also heads the NSA, told a Senate committee in March that China was to blame for the RSA hack in March 2011.
The infiltration of RSA by cyberspies is widely considered one of the most serious cyberespionage attacks to date on a nondefense industry company. Its SecurID system helps to secure many defense companies, government agencies, and banks. Information stolen from RSA has since been reported to have been used in attacks against defense companies Lockheed Martin, Northrop Grumman, and L-3 Communications.
