US Department of Homeland Security Warns Of Ransomware Attacks After Pipeline Operations Affected


The US Department of Homeland Security (DHS) has issued an alert regarding the threat of ransomware attacks. The warning follows a ransomware attack on a US pipeline operations facility.

Ransomware Attack On Gas Pipeline Operator

Reportedly, the US DHS is warning enterprises about the threat of ransomware attacks through a recent advisory. To back the alert, DHS has also shed light on a previous ransomware attack on a pipeline operations facility.

Although they haven’t given a timeline for the incident, they have disclosed the ransomware attack and mentioned CISA’s role in rectifying it. As stated in their advisory:

CISA responded to a cyberattack affecting control and communication assets on the operational technology (OT) network of a natural gas compression facility.

Regarding how it happened, they revealed that the attackers targeted the facility with spearphishing to gain access to its information technology (IT) and operational technology (OT) networks. They then deployed ransomware on both networks. The attackers succeeded because of a security flaw at the victim’s end: the absence of segmentation between the IT and OT networks.

Explaining the entire scenario, the Cybersecurity and Infrastructure Security Agency (CISA) warns everyone to remain vigilant.

DHS Suggested Mitigations

Alongside explaining the threat scenario, CISA has also shared various planning, operational, technical and architectural mitigations to fend off these attacks. Some of these include:

  • Ensuring a robust emergency response plan covering all possible impacts in the event of a cyber attack.
  • Identifying points of failure.
  • Recognizing the physical risks posed by cyber attacks.
  • Implementing robust network segmentation between IT and OT networks.
  • Implementing multi-factor authentication to access networks.
  • Restricting user access to networks.
  • Deploying spam filters to combat phishing.
  • Keeping software updated.
  • Scheduling antimalware scans.
  • Implementing application whitelisting.
  • Restricting Remote Desktop Protocol (RDP).

Despite all these details, DHS hasn’t revealed the name of the ransomware involved in the attack, nor did they name the affected pipeline operations facility.


Abeerah Hashim

Abeerah has been a passionate blogger for several years with a particular interest towards science and technology. She is crazy to know everything about the latest tech developments. Knowing and writing about cybersecurity, hacking, and spying has always enchanted her. When she is not writing, what else can be a better pastime than web surfing and staying updated about the tech world! Reach out to me at: [email protected]
