Ransomware Shuts Gas Compressor for 2 Days in Latest Attack

A recent ransomware attack caused a US natural gas compressor facility to shut for 2 days, the latest in a string of attacks targeting the country’s energy infrastructure over the past few years.

Hackers sent emails with a malicious link to gain control of the facility’s information technology system, the Department of Homeland Security (DHS) said in an alert on 18 February. The agency didn’t say which facility was targeted, when the attack occurred, or who was behind it.

It appears likely that the attacker explored the facility’s network to “identify critical assets” before executing the ransomware attack, according to Nathan Brubaker, a senior manager at the cybersecurity firm FireEye. This tactic—which has become increasingly popular among hackers—makes it “possible for the attacker to disable security processes that would normally be enough to detect known ransomware indicators,” he said.

The DHS alert comes amid increased concern about whether aging US energy facilities are equipped to ward off cyberattacks that could result in power failures and disruptions to oil and natural gas supply. In 2018, several pipeline companies saw their electronic systems for communicating with customers shut down after being targeted by hackers.

Read the full story here.

ADVERTISEMENT


SUBSCRIBE

Don't miss our latest HSE content, delivered to your inbox twice monthly. Sign up for the HSE Now newsletter.  If you are not logged in, you will receive a confirmation email that you will need to click on to confirm you want to receive the newsletter.

 

UPCOMING HSE EVENTS

 

 

HSE Now is a source for news and technical information affecting the health, safety, security, environment, and social responsibility discipline of the upstream oil and gas industry.