OT Pipeline Attack Shuts Down Compression Facility
INCIDENT
A cyberattack hit the control and communication assets on the operational technology (OT) network of a natural gas compression facility forcing it to shut down for two days.
An attacker used a spearphishing link to obtain initial access to the organization’s information technology (IT) network before pivoting to its OT network, according to a report from Cybersecurity and Infrastructure Security Agency (CISA). The attacker then deployed commodity ransomware to encrypt data for impact on both networks. Specific assets experiencing a loss of availability on the OT network included human machine interfaces (HMIs), data historians, and polling servers.
Type of Malware
No Malware identified
Threat Source
No threat source identified