The Department of Homeland Security has reported that an unnamed US natural gas company was forced to shut down operations for two days after being infected with ransomware. The ransomware was able to make its way into the company’s Information Technology (IT) network and then infect computers on Operational Technology (OT) by way of a spear-phishing email. While the ransomware was not mentioned by name, the DHS’s Cybersecurity and Infrastructure Security Agency (CISA) did say that it was a more commonly known variant designed to target Windows systems. The CISA report also states that the company was not well prepared for a cyber-attack and that their emergency response plan only included recovery schemes for attacks of a physical nature. Fortunately, the ransomware was not able to impact any programmable logic controllers (PLCs) responsible for directly reading and manipulating physical processes.
By Akshay Rohatgi and Randy Pargman About this Student Research Project Binary Defense’s mission is