A ransomware attack on a US natural gas facility meant a pipeline had to be shut down for two days, the US Department of Homeland Security (DHS) has said.
However, it did not name the facility or say when the attack happened.
A malicious link sent to staff at the facility eventually caused the shutdown “of the entire pipeline asset”.
It was so severe in part because the organisation was not prepared for such an attack, the DHS statement said.
The incident was detailed in a security alert., which revealed it to be a “spear-phishing” attack, in which individuals are sent fraudulent but believable scam messages.
That let the attacker into the company’s IT network.
How did that shut down a pipeline?
Often, the “operational network” which runs computers in the factory is separated from the office IT – but not in this case, meaning the ransomware infection was allowed to spread.
Ransomware typically encrypts files on a victim’s computer and demands payment before offering to unlock them again – although there is no guarantee that the cyber-criminals who develop such software will be true to their word.
Media caption Technology explained: what is ransomware?
In the case of the natural gas facility, only one office was targeted, but others in different geographic locations were forced to close down, too.
The DHS said the affected organisation had not properly prepared for a cyber-attack of this kind – with its emergency plans being focused on all sorts of physical attacks instead.
“Consequently, emergency response exercises also failed to provide employees with decision-making experience in dealing with cyber-attacks,” the department added.
All organisations, regardless of what sector they are in, should prepare for the possibility of a ransomware attack, said Carl Wearn, head of e-crime at cloud email firm Mimecast.
Businesses could do this “by implementing offline back-ups with a fall-back email and archiving facility, as a minimum” he said.
Did you know?
60% of spoofed email attacks do not include a malicious link or attachment? When crafted well, most users are likely to fall victim to a highly targeted phishing attack. Many of your users think they are safe as long as they don’t click on something in an email, but through the use of a social engineering tactic called “pretexting”, the bad guys establish trust with your key users by pretending to be someone they know in order to carry out a damaging attack. These types of attacks usually do not have links or attachments and simply trick your users into replying to the email and performing actions that lead to monetary or data loss for your organization. With our security awareness training platform you can identify how many users take the bait before the bad guys do and train users to protect the business network and themselves.
How do I protect my data?
Having a reliable, secure, local, & cloud backup is one of the most critical and cost-effective strategies for any business. Anti-virus isn’t bulletproof and business users makes mistakes; ultimately costing time and money while services are restored. Is all your data backed up? How often and where? What is the plan if the local backup fails? Are your cloud backups secured with AES 256-bit encryption? These are critical questions in every business model and could make a potentially costly difference in getting back to business as usual. Raptor IT Consultants gives Sacramento business owners piece of mind with a comprehensive disaster recovery plan, designed by experienced IT support professionals to mitigate downtime.
Call the experts
Offering a one stop technology approach towards managed IT services and support for any organization; our goal is creating sustainable, efficient networks that are scaleable and adaptive towards your business needs. Let us mitigate your cost through proactive maintenance and by tailoring our services to evolve with your business needs. Our dedicated IT support experts leverage the latest technology to deliver the performance our customers demand! Call us for free to learn how your business can save time and money with our comprehensive managed IT service and support strategies. Call 916-542-1566 to speak with an expert.