The attack Energy Transfer described in a shipping notice on Monday didn't affect its pipeline systems, the company told Bloomberg. The attack was limited to the electronic data interchange system that facilitates transactions over oil and gas moving through its pipelines and was directed at the contractor that manages the system, Latitude Technology, according to the company.
Neither Energy Transfer nor Latitude responded to requests for comment.
Over the past two years, the U.S. energy industry and other companies that operate so-called critical infrastructure such as chemical and manufaturing plants have seen a significant increase in cyberattacks targeting individuals with access to control systems that operate facilities, federal agencies and cybersecurity experts say.
The attack reported by Energy Transfer doesn't bear the mark of a foreign nation-state trying to hack into the critical operating systems of U.S. pipelines, said Patrick McBride, chief marketing officer of cybersecurity firm Claroty in Virginia. Instead, it appears aimed at gaining data — such as who is buying what from whom at which price — that can be used to make trades in financial markets or sold directly, McBride said.
"This is likely a financially motivated attack, rather than a nation-state attack," McBride said. "It's not clear if they were trying to siphon off or redirect finances. More likely they're trying to get information they can use, to monetize competitive information."
It's extremely rare for an American energy company – or any company, for that matter – to publicly disclose a cyberattack against its operational systems or corporate networks. By law, U.S. companies are required to report attacks that compromise personal identifying information such as credit card numbers or medical records. But in the industrial sectors, there is no such requirement to report attacks on control and information technology systems.
U.S. energy companies reported more than 350 cybersecurity incidents between 2011 and 2015 to the Department of Homeland Security. But the federal agency has not identified any of the victims of the online attacks.
U.S. federal agencies last month said hackers backed by the Russian government have targeted the U.S. energy industry and other sectors critical to running the economy in a wave of attacks that began iin March 2016, if not earlier.
The alert, put out by the FBI and the Department of Homeland Security on March 15, marked the first time the U.S. government had specifically blamed the Kremlin for online attacks against the nation's so-called critical infrastructure, which includes energy, nuclear, water, aviation and manufacturing facilities.
©2018 the Houston Chronicle Distributed by Tribune Content Agency, LLC.
