US Department of Homeland Warns Of Ransomware Attacks After Pipeline Operations Affected

in departmentofhomelandsecurity •  5 years ago 


US Department of Homeland has issued an alert regarding the threat of ransomware attacks. DHS warns about it after a US Pipeline Operations facility suffered a ransomware attack.

Ransomware Attack On Gas Pipeline Operator


Reportedly, the US DHS is warning enterprises about the threat of ransomware attacks through a recent advisory. To back their alert, DHS has also shed light on a previous ransomware attack on a Pipeline Operations facility.

Though, they haven’t mentioned any timelines of the incident, they have disclosed the ransomware attack mentioning CISA’s role in its rectification. As stated in their advisory,

CISA responded to a cyberattack affecting control and communication assets on the operational technology (OT) network of a natural gas compression facility.
Regarding how it happened, they revealed that the attackers targeted the said facility with spearphishing to gain access to the informational and operation technology (IT and OT) networks. Then, they deployed ransomware on both networks. The attackers succeeded because of a security flaw at the victim’s end – absence of segmentation between IT and OT networks.

Explaining the entire scenario, the Cybersecurity and Infrastructure Security Agency (CISA) warns everyone to remain vigilant.

DHS Suggested Mitigations


Alongside explaining the threat scenario, CISA has also shared various planning, operational, technical and architectural mitigations to fend off these attacks. Some of these include,

  • Ensuring a robust emergency response plan covering all possible impacts in the event of a cyber attack.
  • Identify points of failure.
  • Recognize physical risks by cyber attacks.
  • Implementing robust network segmentation between IT and OT networks.
  • Implementing multi-factor authentication to access networks.
  • Restricting user access to networks.
  • Deploying spam filters to combat phishing.
  • Keeping software updated.
  • Schedule antimalware scans.
  • App whitelisting.
  • Restricting Remote Desktop Protocol (RDP).
Despite all the suggestive details, DHS hasn’t revealed the name of the ransomware involved in the attacks. Nor did they mention the affected pipeline operations facility.

Let us know your thoughts in the comments.


Posted from my blog with SteemPress : https://latesthackingnews.com/2020/02/21/us-department-of-homeland-warns-of-ransomware-attacks-after-pipeline-operations-affected/

Authors get paid when people like you upvote their post.
If you enjoyed what you read here, create your account today and start earning FREE STEEM!
Sort Order:  

We always love having successful bloggers come to Steemit to monetize their work. If you are indeed the person who writes that blog, you should reference Steemit on your web page so that we know it is you. I like your work, so I am giving you one vote and this note. Cheers.

Hi! I am a robot. I just upvoted you! I found similar content that readers might be interested in:
https://latesthackingnews.com/2020/02/21/us-department-of-homeland-warns-of-ransomware-attacks-after-pipeline-operations-affected/