Ransomware Attack Breaches U.S. Compressor Station

The U.S. Dept. of Homeland Security (DHS) said Feb. 18 that a ransomware attack recently caused a gas compressor facility to shut down for two days.

Following standard DHS protocol, the alert (AA20-049A) did not disclose the name of the facility, its location, or the date of the attack. DHS also did not say if a ransom demand was actually made.

Hackers used a spearphishing link sent through email to gain access to the owner’s information technology (IT) network and then pivoted to its operational technology (OT) network. The hackers used ransomware to encrypt data on both networks.

On the OT network, the attack affected ‘human machine interfaces (HMIs), data historians, and polling servers. Windows-based assets were no longer able to read and aggregate real-time operational data reported from low-level OT devices, resulting in a partial loss of view for human operators.

“The attack did not impact any programmable logic controllers and at no point did the victim lose control of operations,” DHS said.

It said the victim’s emergency response plan focused primarily on physical threats and did not specifically consider the risks posed by cyberattacks, so employees lacked training for such occurrences. The victim was able to obtain replacement equipment and load last-known-good configurations to facilitate the recovery process.

“Although the direct operational impact of the cyberattack was limited to one control facility, geographically-distinct compression facilities also had to halt operations because of pipeline transmission dependencies. This resulted in an operational shutdown of the entire pipeline asset lasting approximately two days,” DHS said.

Related Articles

Burckhardt, BW LNG Sign 10-Year Contract
Baker Hughes Gets Major LNG Order In Qatar
MHI Compressor Nets Compression Deal
Saudi Aramco Selects Siemens Compressors
Siemens Supplying 17 Compressors To Refinery
MAN Providing Compressor Trains For CO2 Project
Celeroton Introduces New Turbo Compressor
Ariel Introduces KBE Compressor

Latest News

Plains Midstream To Expand Stake In Alberta Plants
MAN Sending Seven Compressors For FPSO
Emissions Specs-at-a-Glance 2020
Energy Companies Partner To Curb Emissions
BP’s Qattameya field gas begins to flow
Burckhardt, BW LNG Sign 10-Year Contract
Sundyne Makes Personnel Moves
Siemens, Bentley Jointly Launch Maintenance Monitoring Product
Tachyus Names New CEO

Log In

Forgotten Password?

Haven’t got an account? Click here to register.