US Gas
Russian Wizard Spider’s Ryuk Malware
Oil and Gas/Energy
Two-day shutdown of the pipeline, estimated $8-12M
Phishing, IT-OT Lateral Movement
Lack of IT-OT Segmentation
Network Cloaking, Passwordless Secure Access, and Segmentation
In February 2020, an unidentified ransomware variant successfully impacted a US natural gas compression facility.
The attack vector involved enticing the user to click a phishing link, and then the ransomware traversed Internet-facing IT networks. Subsequently, it moved into the OT system responsible for monitoring pipeline operations. This forced the facility to shut down its control systems as a precautionary or mandated measure.
The primary failure was a network misconfiguration: robust isolation was not enforced between the exposed IT network and the sensitive OT monitoring systems, allowing the ransomware to move across the perceived boundary and disrupt availability.
The US Gas Compression Facility shutdown was a direct consequence of a network misconfiguration that enabled the ransomware to propagate laterally. BlastWave’s IDM solution enforces security through identity and policy, not network location.
A BlastWave Gateway deployed to protect the pipeline monitoring OT system would enforce that only authenticated, authorized OT workstations can initiate communication.
Reading about past failures is only useful if it changes future outcomes. If attackers can see your OT network, they can target it. If they can target it, compliance, safety, and uptime are already at risk.
BlastWave eliminates reconnaissance, initial access, and lateral movement — without agents, without downtime, and without changing IPs, protocols, or PLCs.