A cyberattack on a shared data network forced four of the nation's natural-gas pipeline operators to temporarily shut down computer communications with their customers over the last week.
No gas service was interrupted, the companies said, and the interruption of customer transactions was merely a precaution. It was unclear whether any customer data was stolen.
The attack highlighted the potential vulnerability of the nation's energy system, cyberexperts say. Beyond consumer and business data — energy companies possess much proprietary information about their holdings, trading strategies and exploration and production technologies — the increasing dependence of pipeline infrastructure on digital systems makes them a particularly ripe target. Control valves, pressure monitors and other equipment connected to wireless networks are vital to daily functions of everything from refineries to oil wells.
Read more from the New York Times:
Hard choice for cities under cyberattack: Whether to pay ransom
White House tries to tamp down trade war fears as China retaliates
For Mueller, a feared weakness becomes a strength
With nearly 2.5 million miles of oil, gas and chemical pipelines crisscrossing the country, intrusions into control systems could do more than disrupt deliveries, said Andrew R. Lee, a cybersecurity expert at the law firm Jones Walker in New Orleans. The risks include "explosions, spills, or fires, which easily will threaten human life, property and the environment," he said.
Nothing close to that kind of disaster happened this time. But the pipeline industry leaders Oneok; Energy Transfer Partners; Boardwalk Pipeline Partners; and Eastern Shore Natural Gas, a Chesapeake Utilities subsidiary, all reported communications system interruptions.
The attack's target appears to have been Latitude Technologies, a Texas-based provider of electronic data-sharing between pipeline companies and their gas producer and utility customers. The company handles the critical computer communications of gas storage facilities, as well as sales contracts and shipment scheduling.
Chris Bronk, a cybersecurity expert at the University of Houston, said such attacks on the gas marketing communications hub is a way to gather intelligence on the entire gas industry.
"If I compromise their operations, I can see all the buyers and sellers," he said. "If I can persistently be in their network I can issue fake transactions." In that way, Mr. Bronk added, hackers could potentially jumble gas shipments, and even cause electricity production outages.
Latitude Technologies, a unit of Energy Services Group, declined to discuss the disruption in detail. In a statement, it said, "We do not believe any customer data was compromised."
The Department of Homeland Security was investigating the attack, and no suspect has been publicly identified. But the attack came shortly after the department and the F.B.I. issued a report alleging that Russia was taking aim at the electric grid and other critical infrastructure with cyber probes.
The House Committee on Science, Space and Technology released a staff report this month that described Russian efforts to influence American energy markets and energy policy through inflammatory posts on social media. The motivation for such efforts appeared to be the increase in exports of liquefied natural gas from the United States, a challenge to Russian dominance in European markets.
Cybercriminals, frequently suspected of working for foreign governments, have been increasingly active in the energy sector in recent years. Last fall, hackers penetrated safety systems of a petrochemical plant in Saudi Arabia, the latest in a spate of increasingly sophisticated attacks on the kingdom's energy infrastructure. An attack on Ukraine's grid in 2015 led to extensive blackouts.
American gas pipeline companies were targeted in 2012, although the damage was believed to have been limited. Employees of several pipeline companies have been targets of spear-phishing attacks — efforts to lure them to click on email attachments containing malicious code.
The Trump administration has announced that it is establishing an office within the Department of Energy to shore up cybersecurity for critical infrastructure like nuclear plants, refineries and pipelines.