An advisory by the FBI and the Cybersecurity and Infrastructure Security Agency (CISA) has revealed Chinese state-backed hackers breached 13 US pipelines between 2011 and 2013.
According to Bleeping Computer, the advisory revealed that state-sponsored attackers breached 13 oil and natural gas pipeline companies following a spear-phishing campaign targeting their employees.
The publication added that the advisory stated the end goal of the attacks was to help China strengthen its cyberattack capabilities that would enable future hacking attempts to physically damage targeted pipelines or disrupt US pipeline operations.
The advisory said, “Overall, the US Government identified and tracked 23 US natural gas pipeline operators targeted from 2011 to 2013 in this spear phishing and intrusion campaign. Of the known targeted entities, 13 were confirmed compromises, 3 were near misses, and 7 had an unknown depth of intrusion.
“CISA and FBI assess that these intrusions were likely intended to gain strategic access to the industrial control system (ICS) networks for future operations rather than for intellectual property theft. This assessment was based on the content of the data that was being exfiltrated and the TTPs used to gain that access.”
The advisory also claimed that the attackers end goal of gaining access to ICS networks was evident in at least one compromise incident when they ignored sensitive decoy documents such as financial and business-related information.
The joint advisory also made clear that the tactics, techniques and procedures included in the document were still relevant and could be used to help US critical infrastructure organisations in protecting their network from similar attacks.
Earlier this year, the US Department of Homeland Security revealed new pipeline cybersecurity requirements that directs critical pipeline owners and operators to report confirmed and potential cybersecurity incidents to CISA.
Copyright © 2021 RegTech Analyst
Copyright © 2018 RegTech Analyst