Incident Of The Week: Hackers Target U.S. Gas Pipelines



Dan Gunderman
04/06/2018

In the dynamic world of cyber security, breaches are both tightly guarded and, sadly, imminent.

Combing through data, market research and threat-defense efforts taken by enterprises can be a daunting task. Here at Cyber Security Hub, we both track the latest industry news and make it more navigable for the IT professional. CSHub coverage extends outwards – as it helps enterprises batten down their proverbial hatches.

In this edition of “Incident of the Week,” we examine a cyber-attack on a shared data network which led natural-gas pipeline operators to shut down their digital communications.

According to the New York Times, the companies involved in the melee did not experience gas service interruptions. Steps taken with customer communication were described as a precaution. It’s also unclear if any customer data was stolen, The Times notes.

Those falling within the crosshairs this week were pipeline industry leaders Oneok, Energy Transfer Partners, Boardwalk Pipeline Partners and Eastern Shore Natural Gas. Each company reported hiccups in their communication systems.

The target, it seems, was Latitude Technologies, which supplies electronic data-sharing between pipeline companies, their gas producer and customers. Latitude handles critical communication for gas storage facilities, plus contracts and shipments.

See Related: Incident Of The Week: Orbitz Data Breach Exposes 880K Accounts

The larger effort, it appears, could be reconnaissance of the entire industry. Outside of critical data on consumers and industry leaders, these companies also hold information about exploratory methods and technological advancements – most of which could aid an adversary in a trade war.

Even at the pipeline level, companies have become dependent on technology to control valves, monitors and other equipment, The Times points out, most of which could likely be leveraged in a cyber-attack. The fiery possibilities of such an exploit have caused cyber experts to raise awareness about various vulnerabilities.

Latitude Technologies said in a statement that they “do not believe any customer data was compromised,” The Times writes.

The Department of Homeland Security (DHS) was investigating the incident. News of the hack comes just after the FBI said in a report that Russia was cyber-probing grids and infrastructure.

To mitigate at the federal level, the Trump administration reportedly plans to establish an office within the Department of Energy to protect the aforementioned networks.

Elsewhere…

In the fallout of the Atlanta, Ga. ransomware attack – which found hackers utilizing the potent SamSam malware strain – the city’s water department has indefinitely taken down its website. This comes two weeks after hackers demanded $51,000 in bitcoin to decrypt municipal systems.

The attack led city officials to seek old laptops to attempt to rebuild records. Law enforcement was also forced to resort to written case notes.

What’s more, Delta Airlines reported on Thursday that several hundred thousand customers could have had their information compromised in a cyber-breach. According to the Chicago Tribune, the airline is contacting customers who may have been affected and offering free credit monitoring.

The report notes that the breach occurred last fall, but it was not discovered until last week (March 28). Hackers zeroed in on [24]7.ai, which provides chat services for Delta. In the process, payment information may have been open to these hackers.

Delta is working with federal officials in an investigation into the breach, and according to The Tribune, it was likely resolved shortly after detection.

Be Sure To Check Out: Incident Of The Week: Server Configuration Error Exposes 33K Accounts