The hacker group Anonymous is interested in attacking the industrial control systems (ICS) behind energy, biotechnology and oil businesses, according to a Department of Homeland Security bulletin.
The website Public Intelligence released the bulletin to the public this week. The DHS bulletin was issued privately last month.
The document was created by the National Cybersecurity and Communications Integration Center (NCCIC) and is labeled unclassified and for official use only.
Industrial control systems “monitor and control complex industrial processes like petroleum refinement, chemical production, product manufacturing, and electric power generation and transmission,” according to the National Security Agency’s Systems and Network Analysis Center. The infrastructure includes vital pumps and switches that communicate over network links.
Although Anonymous allegedly wants to compromise these ICS systems, the organization’s members may not actually be able to do it yet. “While Anonymous recently expressed intent to target ICS, they have not demonstrated a capability to inflict damage to these systems, instead choosing to harass and embarrass their targets using rudimentary attack methods, readily available to the research community,” the authors wrote.
“Anonymous’ increased interest may indicate intent to develop an offensive ICS capability in the future,” the document writes, but the hacker collective may have trouble making this happen. “The lack of centralized leadership/coordination and specific expertise may pose challenges to this effort.”
The NCCIC noted three cases that proved Anonymous’ interest in this area:
The NCCIC bulletin concludes that Anonymous has a limited ability to target ICS systems in a sophisticated manner but that “experienced and skilled members of Anonymous in hacking could be able to develop capabilities to gain access and trespass on control system networks very quickly.”