Security News > 2020 > February > U.S. Pipeline Disrupted by Ransomware Attack

U.S. Pipeline Disrupted by Ransomware Attack
2020-02-19 22:17

A ransomware attack has hit a natural gas compression facility in the U.S., the feds have warned.

The attack resulted in a two-day pipeline shutdown as the unnamed victim worked to bring systems back online from backups.

Security firm Dragos said that despite limited technical details, previous ransomware attacks provide a possible attack blueprint: "Current trends in ransomware leverage initial access into victim environments to capture credentials or compromise Windows Active Directory to gain widespread access to the victim's entire network," it said in a blog post on Wednesday.

The attack did not impact any programmable logic controllers, which are responsible for directly reading and manipulating those processes in industrial environments - this was because the attack was limited to Windows-based systems.

"While many organizations operate under the assumption that their ICS systems are isolated, increased connectivity, poor security awareness and human mistakes continue to expose critical infrastructure to attack. While the effect of these attacks might not be catastrophic, ransomware can cause significant disruption, bring systems down and further erode the public's confidence in the security of our critical systems."


News URL

https://threatpost.com/pipeline-disrupted-ransomware-attack/153049/