recommended reading

DHS Notifies Companies, Offers Intel About Ongoing Hacks

Mark J. Terrill/AP file photo

The Homeland Security Department is distributing details about hacks to critical infrastructure operators in response to continuing cyber assaults that, according to people familiar with the cases, involve recent breaches at Apple, Microsoft and other technology firms.

The intelligence sharing also fulfills part of a Feb. 12 cybersecurity executive order, DHS officials told Nextgov. The policy required agencies to exchange information on threats to private computers running critical U.S. assets and asked businesses to do the same.

"Various cyber actors have engaged in malicious activity against U.S. government and private sector entities. The apparent objective of this activity has been the theft of intellectual property, trade secrets, and other sensitive business information," a DHS bulletin issued on Friday states.

The bulletin notifies energy suppliers, hospitals and other sectors vital to society that confidential guidance is available on “ongoing malicious cyber activity against U.S. government and private sector entities.” To receive the sensitive information, the companies or their Internet service providers must use "secure channels," according to the alert. As Nextgov reported on Friday, the government is building a restricted communications system for cyber tips patterned after the network facilitating the See Something, Say Something counterterrorism campaign. 

A former federal official familiar with the ongoing investigations said the activities referenced in the notice include recent infections of corporate computers at technology companies. The hackers exploited an Oracle Java software vulnerability on computers to inject malicious software. TwitterFacebook and Apple this month disclosed intrusions, reportedly perpetrated when their employees visited an infected software developer website that then passed on the malware to their machines. On Friday, Microsoft confirmed its corporate systems also had suffered similar compromises. Some experts suspect Chinese hackers are behind the malware campaign, while others now are fingering Eastern Europeans. 

Earlier in the week, computer forensics firm Mandiant released an unprecedented public report with evidence connecting a Chinese military unit to more than a hundred network infiltrations at companies in mainly English-speaking countries. 

The Pentagon and DHS since 2011 have experimented with disseminating classified threat information from the Defense Department's National Security Agency to military contractors. This month’s executive order allows the rest of the U.S. critical sectors to see the NSA intelligence. The level of sensitivity of Friday’s data is unknown.

The information offered includes computer network addresses, website extensions and malicious software "indicators," or the unique hallmarks of a specific virus, according to the bulletin. Department officials added that the threat indicators will help government and commercial network operators "take action to mitigate adverse impacts from this activity and protect their sensitive information."

Late Sunday night, a DHS official said in a statement, “Consistent with the recently signed executive order,” the release of the “bulletin by the Department of Homeland Security, in collaboration with the FBI, is an important part of our broader effort to provide critical infrastructure entities with the information they need to protect their networks from malicious cyber activity.”

The official added, “The administration is committed to protecting the nation’s security and economy, maintaining competitiveness and stopping criminal activity within cyberspace, and this whole of government effort is an important step toward that goal.”

Threatwatch Alert

Accidentally leaked credentials

U.K. Cellphone Company Leaks Customer Data to Other Customers

See threatwatch report

JOIN THE DISCUSSION

Close [ x ] More from Nextgov
 
 

Thank you for subscribing to newsletters from Nextgov.com.
We think these reports might interest you:

  • It’s Time for the Federal Government to Embrace Wireless and Mobility

    The United States has turned a corner on the adoption of mobile phones, tablets and other smart devices, outpacing traditional desktop and laptop sales by a wide margin. This issue brief discusses the state of wireless and mobility in federal government and outlines why now is the time to embrace these technologies in government.

    Download
  • Featured Content from RSA Conference: Dissed by NIST

    Learn more about the latest draft of the U.S. National Institute of Standards and Technology guidance document on authentication and lifecycle management.

    Download
  • A New Security Architecture for Federal Networks

    Federal government networks are under constant attack, and the number of those attacks is increasing. This issue brief discusses today's threats and a new model for the future.

    Download
  • Going Agile:Revolutionizing Federal Digital Services Delivery

    Here’s one indication that times have changed: Harriet Tubman is going to be the next face of the twenty dollar bill. Another sign of change? The way in which the federal government arrived at that decision.

    Download
  • Software-Defined Networking

    So many demands are being placed on federal information technology networks, which must handle vast amounts of data, accommodate voice and video, and cope with a multitude of highly connected devices while keeping government information secure from cyber threats. This issue brief discusses the state of SDN in the federal government and the path forward.

    Download
  • The New IP: Moving Government Agencies Toward the Network of The Future

    Federal IT managers are looking to modernize legacy network infrastructures that are taxed by growing demands from mobile devices, video, vast amounts of data, and more. This issue brief discusses the federal government network landscape, as well as market, financial force drivers for network modernization.

    Download

When you download a report, your information may be shared with the underwriters of that document.