DHS: Cyberattacks on critical manufacturing doubled in 2015

The Department of Homeland Security investigated almost twice as many cyberattacks on the nation’s critical manufacturing sector in fiscal year 2015 as the year before, according to a new government report.

Critical manufacturing includes automakers, aviation equipment manufacturers and producers of metals, machinery and electrical equipment.

ADVERTISEMENT
The DHS Industrial Control Systems Cybersecurity Emergency Response Team, or ICS-CERT, said it looked into 97 reported cyber incidents across these sectors.

“This increase over previous years … is primarily related to a widespread spear-phishing campaign that primarily targeted critical manufacturing companies,” the agency said in its report.

The 97 digital attacks represented a third of the 295 cyber incidents ICS-CERT investigated overall. That overall total is up 20 percent from the previous fiscal year, the agency said.

The energy sector has the second-most cyber incidents with 46, followed by the water and wastewater systems sector with 25 and transportation systems with 23.

There was no information on whether any of these cyberattacks led to any data theft, outages or network damage. Foreign hackers also infiltrate networks to set the stage for potential future attacks.

The ICS-CERT issues public warnings about cyber threats and privately warns companies of potential attacks on networks supporting critical industries, such as electricity, water, oil and gas.

Shortly before the new report was released, ICS-CERT Director Marty Edwards said during an industry conference that the government has seen a rise in cyberattacks that penetrated industrial control systems.

“We see more and more [cyberattacks] that are gaining access to that control system layer," he said.