The US Department of Homeland Security reports that an unidentified gas compression facility had recently shut down due to a cyber attack. The attack left the facility without access and visibility to certain data and operations, and management decided to shut down operations as a precaution. Other geographic compression facilities also had to halt operations because of pipeline dependencies on the attacked facility.
Cyber criminals used a spearphishing link to obtain access to the facility IT network before pivoting over to the operational technology network. The Department of Homeland Security and CISA has alerted and encourage other energy infrastructure firms to review their cybersecurity, and take steps to protect themselves against similar ransomware attacks.
https://www.insurancejournal.com/news/national/2020/02/19/558805.htm
Doan's Cybersecurity Blog 