Vertical markets, Breach, Channel markets, Content, Malware

Hackers Hit Four U.S. Natural Gas Pipeline Operators Via 3rd-Party Provider

Hackers have hit a third-party communications system used by at least four U.S. natural gas pipeline companies, a new report said. So far, the cyber attacks, which occurred in the past few days, have not compromised operations at any of the facilities. At this point, there’s no word about who or what’s behind the service disruption.

On Monday, the communications systems of Energy Transfer Partners, Boardwalk Pipeline Partners and Chesapeake Utilities’ Eastern Shore Natural Gas broke down, Bloomberg reported. The following day, Oneok, a natural gas pipeline operator in Texas and the Rocky Mountain region, took its system offline as a precaution following a March 29 outage. The U.S. Department of Homeland Security (DHS) is reportedly investigating the exploits.

Energy Transfer Partners was the first outfit to report problems with its electronic data interchange (EDI) system, a technology used by businesses to exchange procurement materials such as purchase orders and invoices, and to encrypt transactions. The cyber attack was apparently aimed at Energy Services Group’s Latitude Technologies wing, which provides EDI to roughly 100 natural gas pipelines among other entities, Bloomberg said.

“We do not believe any customer data was compromised,” Latitude said in a posted message. Latitude provides EDI communication services to Energy Transfer and Eastern Shore. It restored its own system on Monday and Energy Transfer’s set up was operational as of Monday night, Bloomberg reported.

The incidents are reminiscent of word last month that Russian cyber attackers had gained access to U.S. critical infrastructure and could have shut down or crippled nuclear power plants and systems controlling water, electricity, aviation and commercial manufacturing. Similar to the new pipeline attackers, in those instances the bad actors targeted trusted third-party suppliers with less secure networks that ultimately served as pivot points and malware depots to target the intended victims.

In this case, it’s thought that the hackers may have hit Latitude’s EDI system to test a way in the door to the natural gas pipeline operators’ networks. Rae McQuade, president of the North American Energy Standards Board, told Bloomberg that although the shutdowns didn’t compromise operations the hack did make companies work around the addled communications systems.

Bryan Singer, director of Security Services at IOActive, told SecurityWeek that “hackers can cause some intermediate problems at first, but if they have access long enough, there’s a possibility that airports could go down and gas stations could run out of gas. If they’re able to maintain an attack for a couple days, there can be very large downstream impact.”

Six years ago, a cyber emergency response division of DHS said it had identified a number of cyber attacks targeting natural gas pipeline companies.

D. Howard Kass

D. Howard Kass is a contributing editor to MSSP Alert. He brings a career in journalism and market research to the role. He has served as CRN News Editor, Dataquest Channel Analyst, and West Coast Senior Contributing Editor at Channelnomics. As the CEO of The Viewpoint Group, he led groundbreaking market research.