China Breached Dozens of Pipeline Companies in Past Decade, U.S. Says

The disclosure about the breadth of state-sponsored cyberattacks was part of a warning to pipeline owners to increase the security of their systems to stave off future intrusions.


By Nicole Perlroth

The Biden administration disclosed previously classified details on Tuesday about the breadth of state-sponsored cyberattacks on American oil and gas pipelines over the past decade, as part of a warning to pipeline owners to increase the security of their systems to stave off future attacks.

From 2011 to 2013, Chinese-backed hackers targeted, and in many cases breached, nearly two dozen companies that own such pipelines, the F.B.I. and the Department of Homeland Security revealed in an alert on Tuesday.

Of 23 operators of natural gas pipelines that were subjected to a form of email fraud known as spearphishing, the agencies said that 13 were successfully compromised, while three were “near misses.” The extent of intrusions into seven operators was unknown because of an absence of data.

The disclosures add to the urgency of defending the United States’ pipelines and critical infrastructure from cyberattacks. For years, nation-backed hackers and, more recently, cybercriminals have targeted oil and gas pipelines, holding their operators hostage with ransomware, a form of malware that encrypts data until the victim pays. The ransomware attack on Colonial Pipeline, the operator of one of the country’s largest pipelines, in May was a wake-up call, but officials say it was only the most visible consequence of a digital threat that has been consuming critical infrastructure for a decade.

Nearly 10 years ago, the Department of Homeland Security said, it began responding to intrusions on oil pipelines and electric power operators at “an alarming rate.” Officials successfully traced a portion of those attacks to China, but in 2012, its motivation was not clear: Were the hackers trolling for industrial secrets? Or were they positioning themselves for some future attack?

Source: Read Full Article