Feds detail China’s cyberattack allegations against American pipelines


Biden management Amid an ongoing effort to uncover the scope of what the United States and its allies are saying, new details have emerged of Chinese cyberattacks on American critical infrastructure that began nearly a decade ago. ChinaMalicious cyber actions against US and other foreign targets.

China-backed attackers targeted US oil and gas companies from December 2011 to 2013 in an effort to develop the cyberattack capabilities needed to disrupt and damage US pipeline operations, according to a US alert issued on Tuesday. FBI and Cyber ​​Security and Infrastructure Security Agency. The federal government said it had previously informed victims and others about the 2012 cyberattacks, but didn’t make full details public until this week.

“Overall, the U.S. Government identified and monitored 23 U.S. gas pipeline operators targeted from 2011 to 2013 in this spearphishing and trespassing campaign.” FBI and CISA warn. “Of the known targeted assets, 13 had verified compromises, three had near misses, and eight had an unknown intrusion depth.”

Spear phishing is a scam that uses electronic communication, and often email, to gain improper access or trick someone into sharing information.

New details China‘s alleged attacks provide a broader picture of Beijing’s targets in cyberspace – from private businesses to government agencies – and show that Russian-based hackers aren’t the only ones behind the attack on American critical infrastructure.

While the US government points out that Russia-based attackers are involved in a ransomware attack on large companies US fuel Provider Colony Pipeline details earlier this year. ChinaIts alleged targeting indicates that the pipeline industry is under attack from several different directions.

The government is making the ten-year attack public. China It was circulated along with another federal government directive urging pipeline companies to take cybersecurity seriously. The Transportation Security Administration’s “Security Directive”, issued Tuesday, orders critical pipelines designated by the government to “implement certain mitigation measures” to protect against ransomware attacks.

The TSA had previously issued a security directive to the pipeline industry in May, and the agency did not provide details explaining the new cybersecurity measures it ordered in Tuesday’s announcement.

News of China’s cyberattacks on American pipelines was not included in the coordinated global publicity attack by the United States and its allies in Asia and Europe. China for a hack Microsoft Exchange servers compromised by tens of thousands of computers and other malicious cyber activity, including ransomware attacks.

Microsoft made public for the first time Microsoft In March 2021, Exchange Server was hacked, in an announcement stating that the attacker had “high confidence” that the attacker was a state-sponsored group. China.

When the federal government officially accuses China more than three months later, a senior Biden management The timing of Monday’s announcement was driven by the desire of its allies to join the campaign as a warning to Beijing, the official said. The official also highlighted the importance of the US federal government wanting to have “high confidence” in its claims and the government’s willingness to provide network information about the alleged Chinese hacking.

Chinese Foreign Ministry spokesman Zhao Lijian dismissed the US government and its allies’ condemnations as “baseless accusations” in a post on Twitter.

FBI and CISATuesday’s warning provided a comprehensive breakdown ChinaIncluding alleged cyberattacks on US pipelines, indicators of compromise, and other technical information demonstrating the attackers’ tactics and techniques.

Sign up for Daily Newsletters


Source link

Leave a Reply

Your email address will not be published. Required fields are marked *