The Most Comprehensive Data Protection Solution

Discover, classify, and protect your data from all threats with the only Gartner Magic Quadrant DLP and Forrester Wave EDR Leader.

First and Only Solution to Converge:

  • Data Loss Prevention
  • Endpoint Detection and Response
  • User and Entity Behavior Analytics
DATAINSIDER

Digital Guardian's Blog

Gas Pipeline Company Recovers From Cyberattack

by Chris Brook on Thursday April 5, 2018

Contact Us
Free Demo
Chat

At least four U.S. pipeline companies had their data systems disrupted following a cyberattack this week.

A billion dollar pipeline company was able to mitigate a cyberattack that struck its data system earlier this week.

The attack brought down a platform the company, Energy Transfer Partners LP, a natural gas and propane company headquartered in Dallas, uses to process customer transactions and invoices.

According to Bloomberg, which broke the news midday Monday, the company managed to remediate the issue by 6 p.m. that day.

The company, which merged with Sunoco Logistics Partners LP last summer, is the largest pipeline company in the United States by annual volume transported and the second when it comes to miles of infrastructure. The company oversees more than 71,000 miles of pipelines across 38 states in the U.S. Most of those miles are concentrated in Texas but many also stretch to Chicago, through Oklahoma and the midwest to Los Angeles, and through the Southeast to Miami.

It's unclear who carried out the attack and how—the company only told the publication that there had been a cyber attack and that it impacted EDI, an electronic communication system used by gas companies.

EDI, also known as electronic data interchange services, is a service provided by Latitude Technologies to more than 100 natural gas pipelines, storage facilities, utilities, law firms and energy marketers, according to the company's site. Latitude, which was acquired by Energy Services Group, said in a status update Monday that it had completed the initial restoration of EDI Services and was working to increase its performance.

whitepaper

Digital Guardian Technical Overview

Energy Transfers Partners told Data Insider Thursday the attack didn't affect the flow of natural gas, nor did it compromise any data.

"There was an attack on a third-party service provider. The situation did not impact our operations as we handled all scheduling in house during this time," the company said in a prepared statement.

Energy Transfers Partners was just one of a handful of pipeline companies to experience a cyberattack this week. Oneok Inc. said it disabled its EDI system as a precaution after one of its third-party providers was targeted on Tuesday. The company distributes natural gas liquids (NGL) across the Rocky Mountain, Mid-Continental, and Texas' Permian Basin region. Two other companies, Boardwalk Pipeline Partners LP, and Chesapeake Utilities Corp.’s Eastern Shore Natural Gas, also experienced EDI outages on Monday according to Bloomberg.

The attack comes about five months after the U.S. government issued a public warning of a campaign in which hackers were focusing their efforts on energy and industrial firms. The warning, a joint email via the Department of Homeland Security and the Federal Bureau of Investigation, said specifically that nuclear, energy, aviation, water and critical manufacturing industries were being targeted going back to May 2017.

The warning preceded a report issued by the DHS last month that publicly accused Russia of being behind a series of cyberattacks targeting American and European critical infrastructure, like power plants, water, and electric systems.

In the report, (.PDF) released by the United Stated Computer Emergency Readiness Team (US-CERT), the department warned that Russian hackers have been infiltrating machines with access to critical control systems at power plants dating back to at least 2016.

Oil, gas and petrochemical facilities were ripe for cyber attacks before DHS' alert.

A survey carried out last year (.PDF) by industrial manufacturer Siemens and the Ponemon Institute said that most oil and gas companies, 70 percent, were hacked in 2016. According to the report only 41 percent of respondents said they continually monitored their company's infrastructure. 46 percent of attacks on operational technology environments go undetected, according to the report, a figure which Ponemon suggests signals a need for investments in technologies that detect cyber threats to oil and gas companies.

This article was updated at 2:25 p.m. EST to include a statement from Energy Transfers Partners.

Tags: Industry Insights, ICS Security, Critical Infrastructure

Chris Brook

Chris Brook is the editor of Data Insider. He is a technology journalist with a decade of experience writing about information security, hackers, and privacy. Chris has attended many infosec conferences and has interviewed hackers and security researchers. Prior to joining Digital Guardian he helped launch Threatpost, an independent news site which is a leading source of information about IT and business security for hundreds of thousands of professionals worldwide.