US Gas Pipelines Hit by Cyber-Attack

Several US gas pipelines have been hit after a cyber-attack targeted a third-party supplier.

Latitude Technologies, which supplies “electronic data interchange” (EDI) services to some of the country’s largest energy providers, appears to have been the target of the attack.

The computer-to-computer exchange of documents it facilitates allows providers to do business with their customers.

The last update from Latitude on Tuesday at 7:49 am revealed that the company had completed an initial restoration of its system.

It added:

“We are now working towards increasing performance. While we believe things to be fully restored, we will continue to monitor for gaps in functionality. Please notify us if you encounter any missing capabilities so we can address them ASAP.”

It’s still unclear whether the attackers were targeting customer data or looking to extract money from the company via DDoS or ransomware – although Latitude said it doesn’t think any customer data was compromised and its partners' gas supply wasn’t affected.

However, several pipeline providers confirmed to Bloomberg that they were affected by a cyber-attack in the past few days: Oneok, Boardwalk Pipeline Partners, Energy Transfer Partners and Eastern Shore Natural Gas.

The latter two are thought to be Latitude Technologies customers.

The attacks come at a time of heightened tension between the US and Russia, with the DHS and FBI issuing an alert last month that the Kremlin has been targeting US critical infrastructure for some time.

In the UK, the National Cyber Security Centre went public last year in naming Russian state hackers as targeting the country’s energy, telecommunications and media industries.

A Siemens-Ponemon study from 2017 claimed 68% of oil and gas companies had experienced at least one compromise over the past 12 months.

“The lesson is clear: if you’ve moved your business-critical operations to the internet then you’re going to need to have adequate cyber-security defenses to ensure resilience,” argued Andrew Lloyd, president of Corero Network Security. “Increasingly, customers and regulators have zero tolerance of unscheduled downtime. Consequently, investing in proactive cybersecurity protection should no longer be an option for digital enterprises.”

Fred Kneip, CEO of CyberGRX, added that the latest attacks on US gas pipeline infrastructure highlights the importance of third-party risk management.

“There is a good reason that hackers have been attacking weak links in targets’ digital ecosystems for years: it’s often the easiest path to accessing data or distributing malicious content,” he claimed. “It doesn’t matter how well an organization protects its own perimeter if third parties with weak security controls create vulnerabilities that can be easily exploited. While even the most thorough risk assessment can’t guarantee there’s no malware inside a staging target’s network, it can uncover red flags pointing to weak security controls that leave it vulnerable.”

What’s Hot on Infosecurity Magazine?