DHS wants more teams that respond to cyber threats
The Homeland Security Department wants to expand its cadre of teams that help factories and power plants protect against cyber threats to their supervisory control and data acquisition systems.
The Homeland Security Department has formed small teams of experts to respond to cyber threats against industrial control systems in facilities such as factories and power plants.
The teams, which are part of DHS’ Industrial Control Systems Cyber Emergency Response Team (ICS-CERT), have so far conducted 50 assessments and been deployed 13 times to respond to incidents, DHS spokeswoman Amy Kudwa said. DHS now has four teams with about four people each, and the department wants to expand the program to 10 teams, she added.
The teams have a budget of $10 million this year and $15 million next year, according to the Associated Press. AP reported that the teams deploy with a $5,000 kit that includes a suitcase-sized bag with cables, converters, data storage and computer forensic tools.
Experts worry about malicious code being used to target industrial control systems or supervisory control and data acquisition systems. The problem of protecting critical infrastructure from cyberattack is a frequent subject of conferences, policy discussions and congressional hearings.
Recently, the threat has come into sharper focus as news has spread about malware named Stuxnet that targets industrial control systems. Stuxnet exploits a zero-day vulnerability in Microsoft Windows' processing of shortcut files to access systems after users open a USB drive.
Related Stories:
Microsoft offers workaround for vulnerability in icons
Critical infrastructure central to cyber threat
ICS-CERT said it is coordinating with Siemens-CERT, the CERT Coordination Center, Microsoft, and others to share and analyze information. The full capabilities of the malware and intent or result of the queries aren’t yet known, the group said in its advisory.
Siemens has published recommendations for detecting and removing Stuxnet, and Microsoft has released a security update.
NEXT STORY: On Infiltrating Defense Networks (Again)