CISA warns critical infrastructure sectors after successful ransomware attack on pipeline operator
The Department of Homeland Security CISA is warning critical infrastructure operators to redouble their security efforts after a natural gas compression facility was hit and shut down by a ransomware attack. The attackers used a spearphishing email containing a link to gain access to the operator’s network and then moved laterally to the target’s operational technology (OT) network where ransomware was downloaded encrypting files on both networks. This resulted in a loss of availability on the OT network to include human machine interfaces, data historians, and polling servers.
Recent Posts