Delaware, USA – April 3, 2018 – Yesterday Energy Transfer Partners LP reported hacking of data systems related to the company’s pipeline network. The normal functioning of the systems was restored after 6 p. m. New York time. The company said that cyberattack did not affect the transportation of natural gas. The attack was aimed at the contractor Latitude Technology that manages EDI platform for trusted business data exchange. The representative of the company also said that no data was compromised. Adversaries supposedly were aimed at gaining financial data. Also, security experts suggest that hackers could use EDI platform for a fraudulent scheme similar to Business Email Compromise attacks. Bloomberg reported that Boardwalk Pipeline Partners LP also experienced problems with their EDI platform but did not disclose the details of the incident.
It is not yet known who is behind this attack and what goals they pursued. It is worth recalling that in mid-March US-CERT issued alert TA18-074A informing about the activity of Dragonfly hacker group, which attacks government entities and companies in the energy sector in North America and Europe. To ensure that your company is not targeted by their cyber espionage campaigns, leverage TA18-074A Detector SIEM use case containing 128 indicators of compromise.