Ransomware attack on US Gas supply


DHS issued an advisory yesterday citing a recent ransomware attack on a natural gas supplier as evidence that critical infrastructure in the United States is highly vulnerable to cyber attacks. The security advisory stresses that companies should treat the incident as a wake-up call and take all necessary measures to prevent such incidents from hitting their infrastructure in the future.

 


The Department of Homeland Security's Cybersecurity and Infrastructure Security Agency disclosed to the media that a threat actor managed to introduce a spear-phishing link into the IT infrastructure of the natural gas compression facility and obtained access to some data.

 

However, before any untoward situation occurred, the IT staff were quick enough to spot the attack and neutralize it in time. Details of when the incident occurred and the name of the gas supply operator have been kept secret from the media for unspecified reasons.

 

As the ransomware did not come in contact with the Programmable Logic Controllers (PLCs), the factory operations remained unaffected. However, the operator decided on a deliberate shutdown to get a clear assessment of the situation.

 

Although the name of the ransomware strain is yet to be revealed to the media, suspicion points strongly to Snake ransomware, also known as EKANS ransomware, which is known as malware that targets only industrial control systems.

 

Note: Snake ransomware spreaders are known to steal data first and then encrypt the database. This ensures that the hackers never leave empty-handed if the victim refuses to pay the ransom, as they can sell the data on a dark web marketplace and cash in.