The Cybersecurity and Infrastructure Agency (CISA) responded to a ransomware attack that targeted a U.S. natural gas facility, forcing it to shut down for two days. CISA did not reveal when the incident happened or the identity of the victim organization.
An employee of the facility clicked on a malicious link from a spear-phishing email, allowing a malicious actor to jump from the gas compression facility’s IT network onto the operational technology (OT) network. The attacker was then able to deploy data-encrypting ransomware on the networks.
About the Author
The opinions expressed in this post belongs to the individual contributors and do not necessarily reflect the views of Information Security Buzz.
