A ransomware attack has impacted the operations of a US-based natural gas compression facility, according to a security advisory from the US government.
The advisory, published today, doesn’t say when the incident took place, but merely summarizes the event and provides technical guidance for other critical infrastructure operators so they can take precautions against a similar attack.
HOW THE ATTACK UNFOLDED
According to the advisory, published by the Department of Homeland Security’s Cybersecurity and Infrastructure Security Agency (DHS CISA), the incident took place after “a cyber threat actor used a spearphishing link to obtain initial access to the organization’s information technology (IT) network before pivoting to its operational (OT) network.”
By Catalin Cimpanu | February 18, 2020