Stay up to date with notifications from The Independent

Notifications can be managed in browser preferences.

US agencies: Industrial control system malware discovered

Multiple U.S. government agencies have issued a joint alert announcing the discovery of malicious cyber tools capable of gaining “full system access” to multiple industrial control systems

Via AP news wire
Wednesday 13 April 2022 15:49 EDT
Cybersecurity Critical Industry Malware
Cybersecurity Critical Industry Malware (Copyright 2022 The Associated Press. All rights reserved.)

Your support helps us to tell the story

From reproductive rights to climate change to Big Tech, The Independent is on the ground when the story is developing. Whether it's investigating the financials of Elon Musk's pro-Trump PAC or producing our latest documentary, 'The A Word', which shines a light on the American women fighting for reproductive rights, we know how important it is to parse out the facts from the messaging.

At such a critical moment in US history, we need reporters on the ground. Your donation allows us to keep sending journalists to speak to both sides of the story.

The Independent is trusted by Americans across the entire political spectrum. And unlike many other quality news outlets, we choose not to lock Americans out of our reporting and analysis with paywalls. We believe quality journalism should be available to everyone, paid for by those who can afford it.

Your support makes all the difference.

Multiple U.S. government agencies issued a joint alert Wednesday warning of the discovery of malicious cyber tools created by unnamed advanced threat actors that they said were capable of gaining “full system access” to multiple industrial control systems.

The public alert from the Energy and Homeland Security Departments, the FBI and National Security Agency did not name the actors or offer details on the find.

But the CEO of one of the cybersecurity companies involved in the effort, Robert M. Lee of Dragos, says it has high confidence the malware was developed by a state actor and was configured to initially target liquified natural gas and electric power sites in North America.

Lee would not name the state actor, referring questions to the U.S. government. Nor would he explain how the malware was discovered, other than to say it was caught "before an attack was attempted.”

“We’re actually one step ahead of the adversary. None of us want them to understand where they screwed up,” said Lee. “Big win.”

The Cybersecurity and Infrastructure Security Agency, which published the alert, did not immediately respond to a request for details on the discovery or threat actor.

The U.S. government has warned critical infrastructure industries the gird for possible cyberattacks from Russia as retaliation for severe economic sanctions imposed on Moscow in response to its Feb. 24 invasion of Ukraine.

Lee said the malware was “designed to be a framework to go after lots of different types of industries and be leveraged multiple times. Based on the configuration of it, the initial targets would be LNG and electric in North America.”

He said the malware, dubbed Pipedream, is only the seventh such malicious software to be identified that is designed to attack industrial control systems.

Lee said Dragos, which specializes in industrial control system protection, identified and analyzed its capability in early 2022 as part of its normal business research and in collaboration with partners.

He would offer no more specifics The U.S. government alert offers thanks to Dragos, Mandiant, Microsoft. Palo Alto Networks and Schneider Electric for their contributions.

Schneider Electric is one of the manufacturers listed in the alert whose equipment is targeted by the malware. Omron is another.

Thank you for registering

Please refresh the page or navigate to another page on the site to be automatically logged inPlease refresh your browser to be logged in