Security News > 2020 > February > US gas pipeline shut down due to ransomware

An unnamed US gas pipeline operator has falled victim to ransomware, which managed to encrypt data both on its IT and operational technology networks and led to a shutdown of the affected natural gas compression facility, the Cybersecurity and Infrastructure Security Agency has revealed.

"Although the direct operational impact of the cyberattack was limited to one control facility, geographically distinct compression facilities also had to halt operations because of pipeline transmission dependencies. This resulted in an operational shutdown of the entire pipeline asset lasting approximately two days."

The ransomware used in the attack has not been named, so we don't know whether it's EKANS, the recently uncovered ransomware that's able of stopping a number of processes related to industrial control system operations.

Robust network segmentation between IT and OT networks.

The Transportation Security Administration - an agency of the US Department of Homeland Security - is tasked with developing broad policies to protect US pipelines, and offers resources and assessments to help pipeline operators enhance their cybersecurity posture - though there have been calls for an increased mandatory oversight of cybersecurity for gas pipelines and for transferring the oversight responsibility for gas pipelines from the TSA to the US Department of Energy.

News URL

http://feedproxy.google.com/~r/HelpNetSecurity/~3/uRZcz-65Fkg/