Homeland Security sounds alarm. Unknown persons have attacked a natural gas compression plant in the USA.
In the US, cybercriminals have succeeded in shutting down an industrial plant. All it took was a wrong click from an employee.
The attack was launched by what is known as spearphishing. It appears that a company employee clicked on a link in an e-mail that looked deceptively real, but was malicious. The Departement of Homeland Security will not reveal which company it is.
The attackers managed to gain access first to the network and then to the network of the operating technology. They then released malware in both networks, which encrypted data. The operators were forced to shut down the systems in a controlled manner. This also affected one of the company's pipelines. It took two days before operations could be resumed.
While the impact was severe, CISA, the agency for cyber and infrastructure security, writes in its report that at no point did they lose control of the facility. The agency advises critical infrastructure operators to immediately review their networks and "take appropriate action".
Compared to other incidents in the past, the US company got off with a black eye. For example more than 200,000 systems around the globe were infected with malware in 2017. Even big companies were affected such as Fedex and Nissan.
In the same year several companies had to struggle with production problems because of the malware. The parent company of the condom manufacturer Durex complained about failures amounting to more than 100 million euros.