Another Pipeline Has Been Pwned By Hackers… And This Time They Have Leaked Data

When hackers pwned Colonial Pipeline last month and shut off the distribution of gas along much of the East Coast of the United States, the world woke up to the danger of digital disruption of the petrochemical pipeline industry. Now it appears another pipeline-focused business was also hit by a ransomware crew around the same time, but kept its breach quiet — even as 70 gigabytes of its internal files were stolen and dumped onto the dark web:

A group identifying itself as Xing Team last month posted to its dark web site a collection of files stolen from LineStar Integrity Services, a Houston-based company that sells auditing, compliance, maintenance, and technology services to pipeline customers. The data, first spotted online by the WikiLeaks-style transparency group Distributed Denial of Secrets, or DDoSecrets, includes 73,500 emails, accounting files, contracts, and other business documents, around 19 GB of software code and data, and 10 GB of human resources files that include scans of employee driver’s licenses and Social Security cards. And while the breach doesn’t appear to have caused any disruption to infrastructure like the Colonial Pipeline incident, security researchers warn the spilled data could provide hackers a roadmap to more pipeline targeting. LineStar did not respond to requests for comment.

This isn’t good. The employees will clearly be affected first, as this information will be a springboard for things like identity theft.

But the larger issue is this. Critical infrastructure like this needs to be disconnected from the public Internet until a real solution to security is provided. Or just be disconnected forever. This kind of pwnage will happen EVERY SINGLE DAY, as it has for the last few years. Companies need either to stop doing what is easy and start doing what is secure, or be forced to do it. The other thing that needs to happen is that countries that are the victims of these attacks should heavily sanction the countries where these threat actors originate. That would start to force some of these countries to ensure that their citizens behave better. But I guess I expect too much.

