Entries in DHS (4)


DHS: Hackers Mounting Organized Cyber Attack on US Gas Pipelines

iStockphoto/Thinkstock(WASHINGTON) -- For the past six months, an unidentified group of hackers has been mounting an ongoing, coordinated cyber attack on the control systems of U.S. gas pipelines, prompting the Department of Homeland Security to issue alerts.

According to U.S. officials, it's unclear if a foreign power is trying to map the gas systems or if hackers are attempting to harm the pipelines. A previous attack on the oil and gas sector seemed to originate in China.

The hackers are using a technique called "spear-phishing," according to the DHS, in hopes of stealing passwords and gaining access to the pipelines' control systems. Spear-phishers send targeted emails to specific individuals that seem to come from friends or associates, and when opened, attachments or links in the emails release malware into the victim's computer.

"Various sources provided information to the Industrial Control Systems Cyber Emergency Response Team," stated the DHS in a recent newsletter, "describing targeted attempts and intrusions into multiple natural gas pipeline sector organizations. Analysis of the malware and artifacts associated with these cyber attacks has positively identified this activity as related to a single campaign with spear-phishing activity dating back to as early as December 2011."

According to the DHS, the spear-phishers, who were first detected in March, have targeted a small, select group of employees at U.S. gas companies.

DHS officials and a spokesman have acknowledged they are working with the FBI to find out who may be behind the intrusions and malicious emails.

"The cyber intrusion involves sophisticated spear-phishing activities targeting personnel within the private companies," DHS spokesman Peter Boogaard said in a statement. "DHS is coordinating with the FBI and appropriate federal agencies, and DHS's Industrial Control Systems Cyber Emergency Response Team (ICS-CERT) is working with affected organizations to prepare mitigation plans customized to their current network and security configurations to detect, mitigate and prevent such threats."

Boogaard said ICS-CERT has been working with "critical infrastructure owners" in the oil and gas industry since March 2012 to combat the cyber attacks. According to Homeland Security officials, in recent weeks ICS-CERT has held several classified briefings with oil and gas sector companies and organizations to share information about the intrusions.

The oil and gas sector has been targeted before. In February 2011 the computer security firm McAfee discovered a computer intrusion labeled "Night Dragon" that was traced to China. As part of that attack, individuals tried to obtain sensitive data and financial documents from the oil and gas companies about bids and future drilling exploration projects.

The FBI declined to comment on the case when contacted by ABC News.

Copyright 2012 ABC News Radio


DHS Creates Accounts Solely to Monitor Social Networks

iStockphoto/Thinkstock(WASHINGTON) -- An online privacy group is suing the U.S. Department of Homeland Security accusing it of not releasing records from the agency's covert surveillance of Facebook, Twitter and other social media sites.

The DHS creates accounts solely to monitor social media sites and establish a system of records of the information gathered. The agency does not post information, seek to connect with other users, accept invitations to connect or interact with others according to a statement on their website.

The agency scans social media sites for a list of words that include "dirty bomb," "hostage," "exercise," "task force," "explosion," "lockdown," "riot," "nuclear threat," "brown out," "meth lab," "cain and abel" and "brute forcing."

Several countries and cities, including North Korea and Mexico, are also flagged as key words.

In a statement, the DHS said that the National Operations Center (NOC) "will gather, store, analyze, and disseminate relevant and appropriate de-identified information to federal, state, local, and foreign governments, and private sector partners authorized to receive situational awareness and a common operating picture," said the statement.

In April 2011, the Electronic Privacy Information Center (EPIC) requested records from the DHS of the agency's social network monitoring program. The agency has an obligation to locate the records and notify the requestor if the records are available for release.

Marc Rotenberg, EPIC's executive director, told ABC News that the requests have gone unanswered.

On Dec. 20, EPIC filed a Freedom of Information Act lawsuit against the DHS.

"We want to know how they're collecting information online, what they're collecting online and if there's legal basis to do this," Rotenberg told ABC News.

"We are trying to understand what the circumstances are when the DHS is engaged in tracking to social media sites," Rotenberg added.

The DHS declined to comment on the issue.

Former FBI agent and ABC News consultant Brad Garrett said this initiative is nothing new.

"One of the biggest overlooked areas of the federal government when it comes to crime and terrorism is diligently searching public source information," said Garrett.

Garrett said the DHS can see online information that's not available to the public as long as they have legal authority, in the form of a search warrant, to do so. But often people leave private information open to the public.

"People today are very open about their thoughts and feelings on a number of different topics. It amazes me the amount of information people will write about themselves online. There's a false security about the anonymity of sitting in front of a computer screen and saying things you wouldn't say in public or in front of your parents or your spouse," said Garrett.

Garrett said the DHS should be monitoring social media sites.

"It's one of those things that the government should be doing as long as they're obeying the law. I can't tell you how many bad guys have been caught because they do something bad and then post about it online," Garrett said.

Copyright 2011 ABC News Radio


DHS and FBI Warn of Possible Retaliation for Awlaki’s Killing

Tracy A. Woodward/The Washington Post/Getty Images(WASHINGTON) -- The FBI and the Department of Homeland Security have issued a intelligence bulletin warning about homegrown violent extremists possibly retaliating after al Qaeda in the Arabian Peninsula leader Anwar al-Awlaki was killed Friday in a U.S. drone strike.

The bulletin provides background on Awlaki’s reach and extensive propaganda efforts and mentions Samir Khan, a U.S. citizen who was also killed in a vehicle with Awlaki. Khan was responsible for much of AQAP’s recent propaganda and was the author of their online jihadist magazine Inspire.

The bulletin notes there is no current information about retaliatory acts that are known to be under way, but says the FBI and DHS are concerned about “lone wolves” possibly striking out in response to Awlaki’s death.

“We assess the death of [Awlaki], in the near term, could provide motivation for Homeland attacks — particularly from HVEs [homegrown violent extremists] seeking retaliation,” the bulletin says. “We are also concerned that the operational guidance and instructions provided in past issues of Inspire magazine could be used by HVEs to prepare independent attacks.  We assess that [Awlaki's] standing as a preeminent English-language advocate of violence could trigger HVEs to take violent action to avenge his death. 

“We assess that HVEs — who may view [Awlaki's] death as justification for attacks in the Homeland — are the most likely element to attempt a near-term attack,” it says. “While we expect to observe a significant increase in violent extremist rhetoric calling for retaliation, detecting and disrupting HVEs before they strike — if any attempt to do so — will continue to present challenges to law enforcement, due to the often isolated nature their actions.”

The bulletin notes that as word of the Awlaki’s death spread there was an extensive interest on jihadist chat rooms and websites known to be sympathetic to terrorist activities.

“We assess US and Western-based sympathizers may attempt to exploit [Awlaki's]  death due to his popularity as a violent extremist whose speeches and writings are widely available on the Internet,” the bulletin says. “It is possible [Awlaki] will be portrayed as a martyr in a ‘US war against Islam’ in order to encourage individuals to take violent action.

“We are also concerned about the possibility that AQAP could attempt to retaliate  directly against the Homeland for the death of [Awlaki] and Khan, although we have no information to indicate they are currently planning to do so,” it says.  “AQAP external operations to date have focused on the aviation subsector, and the group has also revealed its interest– highlighted in two issues of Inspire magazine — in carrying out an attack against the United States using unconventional means, such as chemical or biological agents. ”

The bulletin urges law enforcement to be vigilant to report any unusual or suspicious activity that could be associated with attack planning.

Copyright 2011 ABC News Radio


Napolitano: Revised Pat-Down Policy for Kids Is Months Away 

Kevin Moloney/Getty Images(WASHINGTON) -- Testifying before the Senate Homeland Security and Government Affairs Committee, Defense Secretary Janet Napolitano said Tuesday that the TSA would begin enforcing a revised pat-down procedure for children under the age of 12.

She said that soon, DHS would begin a more “risked based” approach to passenger screening.

According to Napolitano, although there will still be some random checks, even for children under the age of 12, there will also be certain changes recognized by the general public in the months to come.

At the hearing, Sen. Rand Paul, R-Ky., had expressed personal displeasure with some examples of TSA screening. He pointed to an instance in which an eight-year-old girl had to be patted down due instructions relating to a child suicide bomber in Kandahar.  He stressed the importance of putting “some sense” into the security procedures.

Copyright 2011 ABC News Radio

ABC News Radio