August 13, 2020

Volume X, Number 226

August 12, 2020

Subscribe to Latest Legal News and Analysis

August 11, 2020

Subscribe to Latest Legal News and Analysis

August 10, 2020

Subscribe to Latest Legal News and Analysis

Natural Gas Compressor Facility Shut Down After Ransomware Attack

The Department of Homeland Security (DHS) announced this week that a ransomware attack shut down a natural gas compressor facility for two days. While in the network, the attacker deployed software trying to “identify critical assets” before setting off the ransomware and in the process, may have also disabled detection processes in place to identify the ransomware. The date of the attack was not specified.

According to DHS, this attack is illustrative of the many attacks that are recently targeting energy and other critical infrastructure. The attack started through spear phishing emails that included malicious links. The attack allowed the intruder to access the information technology system, and because the IT system was not segmented from the operational technology (OT) system, the attacker was able to access the OT system as well.

Although the attackers were not able to obtain control over the facility, the facility implemented a controlled shutdown because the operator was unable to access and read operational information in real time. Unfortunately, according to reports, the facility’s emergency response plan did not address risk and response to cyber-attacks.

It is imperative that emergency response, incident response, contingent operations and disaster recovery plans all anticipate and are able to respond to cyber-attacks. DHS further urged critical infrastructure organizations to:

  • include cyber-risk planning in their incident response strategies;

  • practice failover to alternate control systems (back-ups);

  • conduct tabletop exercises to train employees, identify technical and human points of failure for operational visibility; and

  • recognize the safety implications of cyber-attacks, among other steps.

These are all basic cyber-hygiene practices that critical infrastructure facilities and operators may wish to consider implementing, particularly because of the devastation that could result from a significant cyber-attack.

Copyright © 2020 Robinson & Cole LLP. All rights reserved.National Law Review, Volume X, Number 51


About this Author

Linn F. Freedman, Robinson Cole Law Firm, Cybersecurity and Litigation Law Attorney, Providence

Linn Freedman practices in data privacy and security law, cybersecurity, and complex litigation. She provides guidance on data privacy and cybersecurity compliance to a full range of public and private clients across all industries, such as construction, education, health care, insurance, manufacturing, real estate, utilities and critical infrastructure, marine, and charitable organizations. Linn is a member of the firm's Business Litigation Group and chairs its Data Privacy + Cybersecurity Team. She is also a member of the Financial Services Cyber-Compliance Team (CyFi ...