The Department of Homeland Security on Wednesday urged companies operating critical systems to review their cybersecurity security measures following a ransomware attack on a natural gas compression facility that caused management to lose access and visibility to certain data and operations.
“Although they considered a range of physical emergency scenarios, the victim’s emergency response plan did not specifically consider the risk posed by cyberattacks. Consequently, emergency response exercises also failed to provide employees with decision-making experience in dealing with cyberattacks,” noted the alert from the Cybersecurity and Infrastructure Security Agency. Read NewsMax article
The actual CISA report detailed that although actual control of the natural gas operations was never lost, the plant was shut down for two days which resulted in loss of revenue because they lost visibility over the operations. Apparently the company ignored many best practices in segmenting their IT (regular) and OT (operations) networks and failed provide operators with the necessary preparation and training for decision-making during a cyber attack.
Having sit through a DHS preparedness training at a utilities operation, I was made aware that the nation’s infrastructure, whether electric, water, or gas and oil supplies, is a known target of terrorist. This recent cyber attack simply proves what DHS has been warning about all along and should be taken seriously. I would venture to say that there are numerous other such companies that have failed to prepare and take the necessary precautions.