Several iconic Las Vegas hotels were at the center of a cyberattack last month that shut down operations, locked guests out of their rooms, and forced hotels to operate on pen and paper and cash-only transactions. In this social engineering attack, the hacker utilized social skills and questions to piece together enough information to infiltrate the hotels’ networks. This strategy typically involves posing as a new employee, researcher, or repair person to appear unassuming or credible to victims.
In 2022, the manufacturing industry experienced the highest number of cyberattacks, followed by finance, consumer services and energy. Hackers frequently target these industries due to their treasure trove of data and the heightened pressure to return systems back to normal.
A single compromised password exposed a peer midstream company to a ransomware attack in 2021, which resulted in severe fuel shortages across the eastern U.S. Not only was this a watershed moment for the energy industry, but it also revealed to everyday Americans the cyberattack risk to the critical infrastructure systems we rely on every day.
Kinder Morgan transports roughly 40% of the natural gas consumed in the U.S., and approximately 9,500 miles of its pipeline systems supply products like gasoline, jet fuel, diesel and crude oil. The energy that is delivered through our pipelines helps power homes and businesses and fuels cars and airplanes from coast to coast. For this reason, our cybersecurity strategy is an integral part of our business continuity planning.
Defending our assets requires a multi-layered plan and strong relationships with federal and state agencies and industry groups, including CISA (Cybersecurity & Infrastructure Security Agency), DHS (Department of Homeland Security), DOE (Department of Energy), the FBI (Federal Bureau of Investigation), TSA (Transportation Security Administration), and other government agencies and industry trade groups. These relationships provide Kinder Morgan with intelligence on a wide range of critical infrastructure protection and cybersecurity issues, as well as an opportunity to exchange best practices.
Across our enterprise, we also use a risk-based approach that focuses on critical systems where failure or exploitation could potentially impact pipeline safety or reliability. We want to ensure that the systems our communities depend on remain as resilient as possible in the face of cybersecurity or physical threats.
Kinder Morgan continues to collaborate with government agencies, industry groups and employees to improve our comprehensive cybersecurity strategy. We evaluate the ever-evolving threats and assess our defenses as the national and economic security of the U.S. depends on the reliable functioning of critical infrastructure systems like those we operate.