The Cybersecurity and Infrastructure Security Agency (CISA) revealed that a natural gas compression facility suffered a ransomware attack.
According to CISA Alert (AA20-049A), digital attackers leveraged a spearphishing link and abused the lack of robust network segmentation to infect Windows-based assets on both the IT and OT networks at a natural gas compression facility. Those affected OT assets included HMIs, data historians and polling servers based at a single geographic facility.
“While we like to think of OT networks as being populated with proprietary and unique devices, the reality is that there are an awful lot of Windows systems in these environments,” said Tim Erlin, VP of product management & strategy at Tripwire. “They are vulnerable to traditional IT threats like ransomware.”