这个周末,.S. 管道操作符, 殖民地的管道, shut down its entire network due to one of the largest cyber-attacks in American infrastructure history.
殖民地的管道 is one of the largest 管道操作符s in the U.S. 并经营运输汽油的管道, 柴油燃料和天然气沿5个以上,从德克萨斯到新泽西的1000英里, 大致构成 所有燃料的45% 在东海岸消费. DarkSide, an Eastern European-based criminal organization is the 主要怀疑 根据….S. 但这一说法尚未得到证实.
在一个 官方声明 殖民地的管道在其网站上发表声明称:
On May 7, the 殖民地的管道 Company learned it was the victim of a cybersecurity attack. 我们已经确定这次事件与勒索软件有关. 在回应, we proactively took certain systems offline to contain the threat, 导致所有管道作业暂时停止, 并影响了我们的一些IT系统. 得知此事后, 一个主要, 聘请了第三方网络安全公司, and they have launched an investigation into the nature and scope of this incident, 正在进行中. 我们已经联系了执法部门和其他联邦机构.
的 拜登管理 has been vocal about bolstering the nation’s cybersecurity efforts and is reportedly taking an 全体人员准备就绪 处理问题的方法. 埃里克·戈尔茨坦, Executive Assistant Director of the CISA 网络安全 division, 对这次袭击发表评论:
This underscores the threat that ransomware poses to organizations regardless of size or sector. We encourage every organization to take action to strengthen their cybersecurity posture to reduce their exposure to these types of threats.
While there is no ETA for service restoration and no sign this disruption will have an immediate effect on the fuel markets, there is concern that a prolonged shutdown could eventually impact gas supplies and prices – especially with many parts of the country lifting COVID-19 restrictions and the existing discussion around potential 燃料短缺 今年夏天.
This attack joins the growing list of high profile ransomware attacks over the last year, and is part of a concerning trend of ransomware gangs targeting companies in the industrial sector due to their willingness to pay and in many cases not report the incident publicly. 事实上,中钢协发布了一份 官方警告 on ransomware threats last year specifically for 管道操作符s following an attack on a natural gas compression facility that caused a two-day shutdown.
的 bet9游戏平台 cybersecurity team has experience working with several clients in the oil and gas industry, 我们的红队使用多个SCADA系统. We know first hand how dangerous controls like these can be in the wrong hands and while this case is simply financially motivated, there are many instances where hactivist groups and foreign bodies are simply looking to send a message through cyber-attacks.
不管殖民地输油管道的情况如何解决, cybersecurity experts agree that attacks on critical infrastructure in the public and private sector will only continue to grow until organizations can build defenses to keep pace with the ransomware epidemic.
关于施耐德唐斯网络安全
的 bet9游戏平台 cybersecurity practice consists of experts offering a comprehensive set of information technology security services, 包括渗透测试, 入侵防御/检测审查, ransomware安全, vulnerability assessments and a robust digital forensics and incident response team. 欲了解更多信息,请访问 xzu0.bellezhang.com/cybersecurity 或bet9平台游戏的团队 cybersecurity@bellezhang.com.
此外,我们的 数字取证和事件响应 teams are available 24x7x365 at 1-800-993-8937 if you suspect or are experiencing a network incident of any kind.