"A system that digitally processes customer transactions for a major pipeline network in the U.S. was shut down Monday after a cyber attack. The electronic data interchange provided by third-party Energy Services Group LLC for Energy Transfer Partners's natural gas pipeline system was attacked Monday and will be hobbled until "further notice," Energy Transfer said in a notice to shippers. The shutdown could affect a network of major pipelines owned by subsidiaries, including Panhandle Eastern Pipe Line Company, which owns lines from Michigan to Texas, Transwestern Pipeline Company and Rover Pipeline. The EDI system, designed to cut costs and boost speed, is used to conduct business through a computer-to-computer exchange of documents..." https://www.dallasnews.com/business...agesdallas-companys-national-pipeline-network
"Third gas pipeline data system shuts a day after cyberattack A third U.S. pipeline company reported its electronic system for communicating with customers has stopped working, a day after a cyberattack resulted in a similar shutdown... Tuesday's closure affected Oneok Inc., which operates natural gas pipelines in the Permian Basin in Texas and the Rocky Mountain region. The cyberattack Monday didn't affect flows on the pipeline. The systems hit in the last two days help pipeline customers communicate their needs with operators, using a computer-to-computer exchange of documents. Energy Transfer Partners LP and Boardwalk Pipeline Partners LP reported breakdowns Monday..." https://www.chron.com/business/ener...ne-data-system-shuts-a-day-after-12803184.php
"Four Gas Pipeline Data Systems Shut Down as Cyberattack Hits... The electronic systems help pipeline customers communicate their needs with operators, using a computer-to-computer exchange of documents... The shutdowns are 'not operationally serious in the sense that it’s stopping the natural gas from moving, but it is serious because it’s causing these companies to use workarounds for communication,' said Rae McQuade, president of the North American Energy Standards Board in Houston, which is responsible for developing industry standards... While the EDI systems may be entry points for hackers, they are likely not the ultimate target, said Jim Guinn, managing director and global cybersecurity leader for energy, utilities, chemicals and mining at Accenture PLC, a technology consulting company... 'There is absolutely nothing of intrinsic value for someone to infiltrate the EDI other than to navigate a network to do something more malicious,' Guinn said by telephone Tuesday. 'All bad actors are looking for a way to get into the museum to go steal the Van Gogh painting.'... https://www.bloomberg.com/news/arti...attack-a-third-gas-pipeline-data-system-shuts
If my sources can be trusted, the malware was hosted on a Dyn server (Oracle) in New Hampshire. This is new.
"Cyberattack Shows Vulnerability of Gas Pipeline Network... HOUSTON — A cyberattack on a shared data network forced four of the nation’s natural-gas pipeline operators to temporarily shut down computer communications with their customers over the last week... The attack highlighted the potential vulnerability of the nation’s energy system, cyberexperts say. Beyond consumer and business data — energy companies possess much proprietary information about their holdings, trading strategies and exploration and production technologies — the increasing dependence of pipeline infrastructure on digital systems makes them a particularly ripe target. Control valves, pressure monitors and other equipment connected to wireless networks are vital to daily functions of everything from refineries to oil wells. With nearly 2.5 million miles of oil, gas and chemical pipelines crisscrossing the country, intrusions into control systems could do more than disrupt deliveries,... ..such attacks on the gas marketing communications hub is a way to gather intelligence on the entire gas industry. 'If I compromise their operations, I can see all the buyers and sellers,' he said. 'If I can persistently be in their network I can issue fake transactions.' In that way, Mr. Bronk added, hackers could potentially jumble gas shipments, and even cause electricity production outages. https://www.nytimes.com/2018/04/04/business/energy-environment/pipeline-cyberattack.html
"Cyberattack Bleeds Into Utility Space With Billing Delays "Cyberattack Bleeds Into Utility Space With Billing Delays A cyberattack that hobbled the operations of at least four natural gas pipeline companies starting late last week also triggered changes within the utility industry. Duke Energy Corp., the second largest U.S. utility by market capitalization,... shares consumer data with dozens of third-party electricity and gas providers in Ohio through an electronic system run by Energy Services Group LLC, the data firm that was hacked. Fearing the information could be compromised, Charlotte, North Carolina-based Duke abandoned the Energy Services system, Catherine Butler, a Duke spokeswoman, said in an email. As a result, some Ohio customers may see a delay in getting their monthly energy bills or receive partial bills, she said... ESG’s electronic systems help pipeline operators speed up tracking and scheduling of gas flows. The company also supplies electricity prices and demand models that retail power providers depend on to bill homes and businesses, and determine how much supply to secure for customers in wholesale markets,... ESG’s platforms are used “all over the country” for power transactions, Harris said. 'Nobody who is using the pricing platform has been able to use it to price since last Thursday. There are going to be estimated bills going out for some of the largest companies.' Absent the demand models from Energy Services, retail power providers could also come up short (or long) on power supplies for their customers and may resort to buying and selling in spot markets to re-balance... So far, there’s no “direct evidence” that the attackers sought ransom, said Steve Grobman, chief technology officer at cybersecurity company McAfee Security LLC. It’s also still unknown whether the attack came from a state-sponsored group, a criminal gang or some combination thereof..." https://www.bloomberg.com/news/arti...into-utility-space-as-duke-sees-billing-delay
