Slash Boxes

SoylentNews is people

posted by martyb on Thursday February 20 2020, @06:57AM   Printer-friendly
from the blames-Jumpin'-Jack-Flash dept.

US natural gas operator shuts down for 2 days after being infected by ransomware:

A US-based natural gas facility shut down operations for two days after sustaining a ransomware infection that prevented personnel from receiving crucial real-time operational data from control and communication equipment, the Department of Homeland Security said on Tuesday.

Tuesday's advisory from the DHS' Cybersecurity and Infrastructure Security Agency, or CISA, didn't identify the site except to say that it was a natural gas-compression facility. Such sites typically use turbines, motors, and engines to compress natural gas so it can be safely moved through pipelines.

The attack started with a malicious link in a phishing email that allowed attackers to pivot from the facility's IT network to the facility's OT network, which is the operational technology hub of servers that control and monitor physical processes of the facility. With that, both the IT and OT networks were infected with what the advisory described as "commodity ransomware."

The infection didn't spread to programmable logic controllers, which actually control compression equipment, and it didn't cause the facility to lose control of operations, Tuesday's advisory said. The advisory explicitly said that "at no time did the threat actor obtain the ability to control or manipulate operations."

Still, the attack did knock out crucial control and communications gear that on-site employees depend on to monitor the physical processes.

[...] Facility personnel implemented a "deliberate and controlled shutdown to operations" that lasted about two days. "Geographically distinct compression facilities also had to halt operations because of pipeline transmission dependencies," the advisory said. As a result, the shutdown affected the entire "pipeline asset," not just the compression facility. Normal operations resumed after that.

Also at threatpost.

Original Submission

This discussion has been archived. No new comments can be posted.
Display Options Threshold/Breakthrough Mark All as Read Mark All as Unread
The Fine Print: The following comments are owned by whoever posted them. We are not responsible for them in any way.
  • (Score: 0) by Anonymous Coward on Thursday February 20 2020, @07:05AM (2 children)

    by Anonymous Coward on Thursday February 20 2020, @07:05AM (#960222)

    Why don't those good-for-nothing congresscritters regulate 'ransomware on a computer is illegal', increase the jail time and be done with it once and for all? Do they wait for a national security crisis to shine or what?

    I mean, look, if π can be regulated to a more friendly value of 3, this should be a piece of cake. And, while at it, they should repeal those pesky laws of thermodynamics, this is a serious red-tape that prevent cheap energy and jobs for Americans.

    (large grin)

  • (Score: 1) by khallow on Thursday February 20 2020, @11:27AM

    by khallow (3766) Subscriber Badge on Thursday February 20 2020, @11:27AM (#960252) Journal
    I have to agree. Why aren't our lawmakers making it illegal to do illegal things? We need more "This time we mean it" laws!
  • (Score: 0) by Anonymous Coward on Thursday February 20 2020, @02:05PM

    by Anonymous Coward on Thursday February 20 2020, @02:05PM (#960276)

    Uh... Maybe because of this? [] []

    What? It's not about ransomware?
    But "if you want your [item] back in working conditions you have to pay us, or Else..."
    No? Oh, ok, my bad. Sorry. :D