News broke that a supply chain cyberattack has disrupted a chain of natural gas companies. It affected a software platform, developed by a company named Energy Services Group LLC, that is used to process customer transactions, according to Bloomberg News. Such data-exchange software is widely used in the gas industry, though the attack was limited to the Energy Services platform.
The attack on the billing platform impacted Texas-based Energy Transfer Partners LP, which owns more than 71,000 miles of pipelines containing natural gas, crude oil and other commodities. The Texas firm’s subsidiaries include the Panhandle Eastern Pipe Line Co., whose pipelines run from the Gulf Coast to the Midwest. IT security experts commented below.
Andrea Carcano, Co-Founder and Chief Product Officer at Nozomi Networks:
“The supply chain cyberattack that disrupted a chain of natural gas companies serves as yet another reminder that oil and gas organizations are high-risk targets. Attacks against them are growing, as evidenced by the recent Ponemon study that shows that sixty-eight percent of oil and gas organizations have experienced at least one cyber compromise. In this case, operations were not ultimately impacted and it’s not immediately clear that they were the target – however, we know that attackers often use IT networks and third-party resources to gain entry to OT networks. That’s why organizations must ensure that IT and OT security efforts are effectively aligned to achieve the best possible protection.”
Bob Noel, Director of Strategic Relationships and Marketing at Plixer:
“Critical infrastructure facilities should be on high alert that they are directly in the cross-hairs of bad actors and nation states. Legacy security approaches that have only focused on the perimeter have failed. It is imperative that these perimeter strategies be complimented with technologies like network traffic analysis (NTA) to scrutinize internal communications to strengthen their security posture. NTA collects data about every conversation on the network, runs advanced security algorithms to look for malicious activity in real-time, and provides historical forensic data to quickly identify the root cause in the event of a breach. Breaches are inevitable, so organizations must turn their focus to monitoring internal traffic and its behavior to protect themselves and the people who rely on their services.”
Tim Erlin, VP at Tripwire:
“Any doubt that critical energy infrastructure in the US is a target for cyber-attackers should be erased at this point. We’ve seen an increasing number of attacks, and increasingly successful attacks, across energy infrastructure.
Panic isn’t the answer to securing our critical infrastructure. Preparation and risk management are key.”