Industry News

Cyber Attacks

Ransomware Leads to Pipeline Shutdown

March 23, 2020
Robert Bergman

The U.S. Cybersecurity and Infrastructure Security Agency (CISA) confirmed last month that unknown entities had launched a cyberattack on the operational technology (OT) network of a natural gas compression facility.

The intruder used a Spearphishing Link to obtain initial access to the organization’s information technology (IT) network before pivoting to the OT network. They then deployed commodity ransomware to Encrypt Data for Impact on both networks. Assets experiencing a Loss of Availability on the OT network included human machine interfaces (HMIs), data historians, and polling servers. The Impacted assets were no longer able to read and aggregate real-time operational data reported from low-level OT devices, depriving human operators with a partial Loss of View. The attack did not impact any programmable logic controllers (PLCs) and at no point did the victim lose control of operations. Although the victim’s emergency response plan did not cover cyberattacks specifically, plant management decided to implement a deliberate and controlled shutdown until the situation was resolved.

Although ransomware more commonly afflicts IT networks, this shows that OT data networks are not immune.

Read the full CISA report here.

Cyber Attacks

CISA Issues New Ransomware Guide

October 6, 2020
Sam Galpin

Sam Galpin, Bedrock Automation Fellow The US Cybersecurity and Infrastructure Security Agency (CISA) has issued a new Ransomware Guide. […]

Cyber Attacks

U.S. Security Agencies Warn of Cyber Attack Threats to Unauthenticated PLCs and other OT

August 27, 2020
Robert Bergman

The National Security Agency (NSA) and the Cybersecurity and Infrastructure Security Agency (CISA) have urged critical infrastructure facilities to take […]

Cyber Attacks