The U.S. Department of Homeland Security reported that due to the ransomware attack, an unnamed gas pipeline operator ran into a problem: a compressor unit for natural gas malfunctioned, causing the operator to be paralyzed for two days. When exactly this incident occurred, it is not reported, but the government warns other operators of critical infrastructure not to forget about safety measures.
According to the Cybersecurity and Infrastructure Protection Agency, organized by the U.S. Department of Homeland Security (DHS CISA), the incident occurred after attackers used targeted phishing via e-mail to obtain initial access to the organization’s network and then access to its operational network ( network with workstations to manage critical plant equipment and other manufacturing operations).
Having penetrated the operational network, the attackers deployed ransomware, which encrypted the company’s data in both networks (to cause maximum damage), and then demanded a ransom. According to DHS CISA, the attack did not affect the operation of the programmable logic controllers themselves, which directly interact with the factory equipment. However, the operation of human-machine interfaces, archive data storages, a polling server, and so on was disrupted, because of which people-operators were virtually deprived of the opportunity to interact normally with equipment, including the mentioned compressor installation.
As a result, as a precaution, the gas pipeline operator was forced to temporarily suspend operation, although the emergency plan in case of a cyber attack did not require a mandatory shutdown. The downtime lasted about two days, after which the work was resumed as usual.
Interestingly, just a few weeks ago, Dragos specialists published a report on the new EKANS (or Snake) ransomware, which was created specifically for attacks on industrial networks and industrial control systems that gas facilities and other critical infrastructure work with. To date, there is no evidence that it was EKANS that attacked the unnamed gas pipeline operator.
Recently news
BlueLeaks: activists published data of 200 police agencies in the public domain
US authorities offer $ 5 million for information about North Korean hackers
In the network of the US Department of Defense found mining malware
US Department of Defense contracted by Ryuk ransomware attack
746 arrests, 2 tons of drugs, 54 million pounds and dozens of weapons. EncroChat anonymous service successfully hacked in Europe
The new US state program provides for a complete transition to electric cars by 2035