
DHS Notifies Companies, Offers Intel About Ongoing Hacks


The Homeland Security Department is distributing details about hacks to critical infrastructure operators in response to continuing cyber assaults that, according to people familiar with the cases, involve recent breaches at Apple, Microsoft and other technology firms.

The intelligence sharing also fulfills part of a Feb. 12 cybersecurity executive order, DHS officials told Nextgov. The policy required agencies to exchange information on threats to private computers running critical U.S. assets and asked businesses to do the same.

"Various cyber actors have engaged in malicious activity against U.S. government and private sector entities. The apparent objective of this activity has been the theft of intellectual property, trade secrets, and other sensitive business information," a DHS bulletin issued on Friday states.

The bulletin notifies energy suppliers, hospitals and other sectors vital to society that confidential guidance is available on “ongoing malicious cyber activity against U.S. government and private sector entities.” To receive the sensitive information, the companies or their Internet service providers must use "secure channels," according to the alert. As Nextgov reported on Friday, the government is building a restricted communications system for cyber tips patterned after the network facilitating the See Something, Say Something counterterrorism campaign. 

A former federal official familiar with the ongoing investigations said the activities referenced in the notice include recent infections of corporate computers at technology companies. The hackers exploited an Oracle Java software vulnerability on computers to inject malicious software. Twitter, Facebook and Apple this month disclosed intrusions, reportedly perpetrated when their employees visited an infected software developer website that then passed on the malware to their machines. On Friday, Microsoft confirmed its corporate systems also had suffered similar compromises. Some experts suspect Chinese hackers are behind the malware campaign, while others now are fingering Eastern Europeans.

Earlier in the week, computer forensics firm Mandiant released an unprecedented public report with evidence connecting a Chinese military unit to more than a hundred network infiltrations at companies in mainly English-speaking countries. 

The Pentagon and DHS since 2011 have experimented with disseminating classified threat information from the Defense Department's National Security Agency to military contractors. This month’s executive order allows the rest of the U.S. critical sectors to see the NSA intelligence. The level of sensitivity of Friday’s data is unknown.

The information offered includes computer network addresses, website extensions and malicious software "indicators," or the unique hallmarks of a specific virus, according to the bulletin. Department officials added that the threat indicators will help government and commercial network operators "take action to mitigate adverse impacts from this activity and protect their sensitive information."

Late Sunday night, a DHS official said in a statement, “Consistent with the recently signed executive order,” the release of the “bulletin by the Department of Homeland Security, in collaboration with the FBI, is an important part of our broader effort to provide critical infrastructure entities with the information they need to protect their networks from malicious cyber activity.”

The official added, “The administration is committed to protecting the nation’s security and economy, maintaining competitiveness and stopping criminal activity within cyberspace, and this whole of government effort is an important step toward that goal.”
