February 21, 2020 •HoganTaylor
The US Department of Homeland Security’s Cybersecurity and Infrastructure Security Agency (CISA) recently highlighted a ransomware impacting pipeline operations. We wanted to bring this to your attention, as this type of attack could affect your business, as well.
This incident, which happened at a natural gas compression facility, was caused due to poor “Security Awareness Training.” The threat actor used a Spearphishing Link to gain access to the organization’s infrastructure and deploy ransomware to encrypt data in the organization’s operational technology network. The end result was a partial Loss of View for the human operators.
Though the organization had network segmentation implemented, it was either not robust enough or not implemented correctly because the threat actor was able to pivot to the control network and deploy the ransomware. Had this actor been more interested in control systems or inflicting damage as opposed to collecting a ransom, this would have been much worse—just think of what they could have done on the control network in your environment.
It’s also worth noting that the organization’s emergency response plan (ERP) did not specifically consider cyberattacks. All businesses would be well served to take a moment to review their ERP and verify they have a plan in place for a cyberattack.
Lastly, if you are not already receiving the US Department of Homeland Security’s “National Cyber Awareness System” alerts, we strongly encourage you to take a moment to sign up. This is an excellent free resource to keep you abreast of current threats that are actively being seen around the world.
If the contents of this alert have raised any concerns, or if you would like assistance assessing the environments in your organization, HoganTaylor Technology professionals who work hand-in-hand with HoganTaylor’s Energy practice can help. For more information, please contact Jeff Koweno, HoganTaylor Energy Practice Lead, at jkoweno@hogantaylor.com.
INFORMATIONAL PURPOSE ONLY. This content is for informational purposes only. This content does not constitute professional advice and should not be relied upon by you or any third party, including to operate or promote your business, secure financing or capital in any form, obtain any regulatory or governmental approvals, or otherwise be used in connection with procuring services or other benefits from any entity. Before making any decision or taking any action, you should consult with professional advisors.
Protecting and preserving the things that have made your organization successful starts with understanding what makes it vulnerable.