Submission + - US Natural Gas Plant and Pipelines Shut After Ransomware Attack (infosecurity-magazine.com)
Garabito writes: The Department of Homeland Security has revealed that an unnamed US natural gas compression facility was forced to shut down operations for two days after becoming infected with ransomware.
The plant was targeted with a phishing e-mail, that allowed the attacker to access its IT network and then pivot to its OT (control) network, where it compromised Windows PCs used as human machine interface (HMI), data historians and polling servers, which led the plant operator to shut it down along with other assets that depended on it, including pipelines.
According to the DHS CISA report, the victim failed to implement robust segmentation between the IT and OT networks, which allowed the adversary to traverse the IT-OT boundary and disable assets on both networks.
The plant was targeted with a phishing e-mail, that allowed the attacker to access its IT network and then pivot to its OT (control) network, where it compromised Windows PCs used as human machine interface (HMI), data historians and polling servers, which led the plant operator to shut it down along with other assets that depended on it, including pipelines.
According to the DHS CISA report, the victim failed to implement robust segmentation between the IT and OT networks, which allowed the adversary to traverse the IT-OT boundary and disable assets on both networks.
US Natural Gas Plant and Pipelines Shut After Ransomware Attack More Login
US Natural Gas Plant and Pipelines Shut After Ransomware Attack
Slashdot Top Deals