Ransomware attack has hit a natural gas compression facility in the U.S., the feds have warned. The attack resulted in a two-day pipeline shutdown as the unnamed victim worked to bring systems back online from backups. The facility admitted that its disaster recovery plans only included physical emergency scenarios, not cyber-related attacks. The incident highlights a lack of cybersecurity preparedness within the legacy environments of industrial and critical infrastructure, an analyst said. CISA said that the attack was likely to be similar to that of Ryuk, MegaCortex and Sodinokibi.
Source: https://threatpost.com/pipeline-disrupted-ransomware-attack/153049/