Security News > 2021 > July > Chinese state hackers breached over a dozen US pipeline operators

Chinese state-sponsored attackers have breached 13 US oil and natural gas pipeline companies between December 2011 to 2013 following a spear-phishing campaign targeting their employees.

The end goal of the attacks was to help China develop cyberattack capabilities that would allow future intrusions to physically damage targeted pipelines or disrupt US pipeline operations.

Chinese-backed threat actors targeted 23 US pipeline operators.

"Overall, the US Government identified and tracked 23 US natural gas pipeline operators targeted from 2011 to 2013 in this spearphishing and intrusion campaign. Of the known targeted entities, 13 were confirmed compromises, 3 were near misses, and 7 had an unknown depth of intrusion," the advisory reads.

This joint advisory follows the DarkSide ransomware attack against the networks of Colonial Pipeline, a company managing the most extensive US pipeline system and supplying roughly half of all the fuel on the US East Coast.

The same month, in May, the Department of Homeland Security announced new pipeline cybersecurity requirements directing critical pipeline owners and operators to report confirmed and potential cybersecurity incidents to CISA. The new security directive makes it easier for the DHS to identify, protect against, and respond to cybersecurity threats directly targeting US critical pipeline sector companies.

News URL

https://www.bleepingcomputer.com/news/security/chinese-state-hackers-breached-over-a-dozen-us-pipeline-operators/