Hackers working for the Chinese government compromised more than a dozen U.S. pipeline operators nearly a decade ago, the Biden administration revealed Tuesday while also issuing first-of-its-kind cybersecurity requirements on the pipeline industry.
The disclosure of previously classified information about the aggressive Chinese hacking campaign, though dated, underscored the severity of foreign cyber threats to the nation’s infrastructure, current and former officials said. In some cases, the hackers possessed the ability to physically damage or disrupt compromised pipelines, a new cybersecurity alert said, though it doesn’t appear they did so.
Previously, senior administration officials had warned that China, Russia and others were capable of such cyber intrusions. But rarely has so much information been released about a specific and apparently successful campaign.
Chinese state-sponsored hackers between 2011 and 2013 had targeted nearly two dozen U.S. oil and natural gas pipeline operators with the specific goal of “holding U.S. pipeline infrastructure at risk,” the Federal Bureau of Investigation and the Department of Homeland Security said in Tuesday’s joint alert.
Of the known targets, 13 were successfully compromised and an additional eight suffered an “unknown depth of intrusion,” which officials couldn’t fully assess because the victims lacked complete computer log data, the alert said. Another three targets were described as “near misses” of the Chinese campaign, which relied heavily on spear phishing attacks.
“This activity was ultimately intended to help China develop cyberattack capabilities against U.S. pipelines to physically damage pipelines or disrupt pipeline operations,” the alert said. It added that the Chinese appeared to be carrying out the attack as part of an overarching goal to gain “strategic access” to industrial control systems for “future operations rather than for intellectual property theft.”
The FBI and DHS said they first became aware of multiple targeted attacks on oil-and-gas companies in April 2012 and provided remediation services to known affected victims in 2012 and 2013.
https://www.wsj.com/articles/new-pipeline-cybersecurity-requirements-issued-by-biden-administration-11626786802?mod=itp_wsjAm sure Obama does not like this as he put the lid on it during his watch.
At the same time, Obama helped China steal technology from us, and it took Trump to begin stopping them through tariffs.
