US Says China-backed Hackers Targeted 23 Pipeline Companies


Chinese state-backed cybercriminals targeted close to two dozen American pipeline companies from 2011 until 2013, the federal government said on Tuesday.



The revelation comes as the Biden administration tries to figure out a way to bolster cybersecurity for the nation's critical infrastructure targets after the May ransomware attack that targeted Colonial Pipeline, disrupting gas delivery across the East Coast.



China on Tuesday denied being responsible for a massive hack of Microsoft servers after it was accused in a rare joint statement by the US, UK, EU, Australia, NATO and others.



The Department of Homeland Security on Tuesday announced new requirements for US pipeline operators to bolster anti-hacking defenses.



In a statement, the DHS said it would require operators of federally designated critical pipelines to implement 'specific mitigation measures' to prevent ransomware attacks and other cyber intrusions.



Operators must also implement contingency plans and conduct what the department calls a 'cybersecurity architecture design review.'



DHS did not immediately release further details about the guidance, which comes after another directive issued weeks after the May 7 attack on Georgia-based Colonial Pipeline.






The US has accused China and Russia of allowing cybercriminals in their countries to hack into critical American infrastructure systems.



US agencies on Tuesday also disclosed that Chinese government-linked intruders targeted 23 natural gas pipeline operators from 2011 to 2013.



Thirteen of those attacks were confirmed intrusions, according to a government advisory.



The Colonial attack led to the shutdown of a system delivering about 45 percent of the gasoline consumed along the East Coast and sparked long lines and gas shortages in several states.



Colonial paid an estimated $4.4 million ransom, most of which was recovered by the Justice Department.



The FBI has blamed the attack on a Russia-based gang of hackers using the DarkSide ransomware variant.






The Biden administration has repeatedly accused Russia of granting safe haven to criminal gangs and trying to steal from government agencies and private organizations in various sectors.



It imposed sanctions in April for a range of activities including hacking.



Russia has broadly denied being involved in cyberattacks on US institutions, decrying 'unfounded accusations' in a statement last month.



The US and key allies this week accused China of complicity in a massive hack of Microsoft Exchange email server software that victimized thousands of organizations.



That announcement, however, was not accompanied by sanctions against China, which has accused the US of making 'groundless attacks' against it regarding cybersecurity.



Chinese diplomats branded the allegation 'groundless and irresponsible' on Tuesday while dubbing Washington 'the world champion of malicious cyber attacks'.



Washington made the allegations after a hack of Microsoft Exchange servers in January that affected some 30,000 organizations worldwide including defense contractors and think-tanks.



Biden compared the hack to attacks emanating from Russia, saying that Beijing may not be directly responsible but is protecting those who are.



He added that US intelligence is carrying out an investigation into the hack, which affected at least 30,000 businesses, and may take action once it is completed.



China has denied being responsible for a massive hack of Microsoft servers earlier this year that affected at least 30,000 organizations worldwide.



President Joe Biden said China may not be directly responsible for the hacks but, like Russia, is harboring those who are carrying them out.



US Secretary of State Antony Blinken said the attack on Microsoft Exchange, a top email server for corporations around the world, was part of a 'pattern of irresponsible, disruptive and destabilizing behavior in cyberspace, which poses a major threat to our economic and national security.'



China's Ministry of State Security, or MSS, 'has fostered an ecosystem of criminal contract hackers who carry out both state-sponsored activities and cybercrime for their own financial gain,' Blinken said in a statement.



In a simultaneous announcement, the US Department of Justice said four Chinese nationals had been charged with hacking the computers of dozens of companies, universities and government bodies between 2011 and 2018.



A group known as Hafnium is believed to have identified a weakness in the servers in January, and begun inserting 'backdoors' into systems using them which they could return to later, the BBC reported.



The operation targeted defense contractors, think tanks and universities, and appears to have initially been aimed at surveillance and covert data-gathering.



But in February the operation massively expanded into a 'smash and grab' raid on the servers after several other hacking groups piled in.



It is thought Hafnium became aware that Microsoft had identified the vulnerability they were exploiting and planned to close it, prompting them to share its existence and causing the pile-on.



Pointing to the indictment, Blinken said the United States 'will impose consequences on (Chinese) malicious cyber actors for their irresponsible behavior in cyberspace.'