The U.S. government has seen a rise in cyberattacks that penetrate industrial control systems, a top cybersecurity official said Wednesday.
“We see more and more [cyberattacks] that are gaining access to that control system layer,” said Marty Edwards, director of the Department of Homeland Security’s Industrial Control Systems Cyber Emergency Response Team (ICS-CERT), Reuters reported.
{mosads}Industrial control systems are part of the large computer network that supports production for critical utilities such as electricity, water, oil and gas.
The ICS-CERT warns companies of potential cyberattacks on these networks. Homeland Security’s branch recently came into the spotlight when it alerted companies it was helping Ukraine investigate a recent cyberattack on its power grid that left roughly 700,000 people without power for several hours.
The outage has drawn attention as the first known blackout caused by hackers. The incident raised concerns that U.S. critical industries may also be at risk.
The ICS-CERT said in its alert that it found a variant of the malware believed to have been used Ukraine attack in some U.S. critical infrastructure systems. It has not confirmed that the malware is responsible for the Ukrainian blackout.
Security experts, government officials and President Obama himself have long warned that the digital defenses protecting U.S. critical infrastructure are insufficient.
Edwards expressed similar concerns during an onstage interview Wednesday at the S4 conference, attended by hundreds of critical infrastructure security specialists. He said cyberattacks are increasing as more control systems became linked to the Internet.
“I am very dismayed at the accessibility of some of these networks … they are just hanging right off the tubes,” he said, according to Reuters.
U.S. officials have acknowledged that China and likely one or two other countries have the ability to shut down portions of the U.S. power grid if desired. Security specialists believe Russia and Iran are those other countries.
Russia is thought to be behind the digital assault that caused the Ukrainian blackout.
— Updated at 5:15 p.m.