Security News > 2020 > February > U.S. Pipeline Disrupted by Ransomware Attack
A ransomware attack has hit a natural gas compression facility in the U.S., the feds have warned.
The attack resulted in a two-day pipeline shutdown as the unnamed victim worked to bring systems back online from backups.
Security firm Dragos said that despite limited technical details, previous ransomware attacks provide a possible attack blueprint: "Current trends in ransomware leverage initial access into victim environments to capture credentials or compromise Windows Active Directory to gain widespread access to the victim's entire network," it said in a blog post on Wednesday.
The attack did not impact any programmable logic controllers, which are responsible for directly reading and manipulating those processes in industrial environments - this was because the attack was limited to Windows-based systems.
"While many organizations operate under the assumption that their ICS systems are isolated, increased connectivity, poor security awareness and human mistakes continue to expose critical infrastructure to attack. While the effect of these attacks might not be catastrophic, ransomware can cause significant disruption, bring systems down and further erode the public's confidence in the security of our critical systems."
News URL
https://threatpost.com/pipeline-disrupted-ransomware-attack/153049/
Related news
- JetBrains is still mad at Rapid7 for the ransomware attacks on its customers (source)
- Stanford: Data of 27,000 people stolen in September ransomware attack (source)
- Nissan confirms ransomware attack exposed data of 100,000 people (source)
- TeamCity Flaw Leads to Surge in Ransomware, Cryptomining, and RAT Attacks (source)
- What the Latest Ransomware Attacks Teach About Defending Networks (source)
- Lessons from a Ransomware Attack against the British Library (source)
- Jackson County in state of emergency after ransomware attack (source)
- Panera Bread week-long IT outage caused by ransomware attack (source)
- The Week in Ransomware - April 5th 2024 - Virtual Machines under Attack (source)
- How can the energy sector bolster its resilience to ransomware attacks? (source)