China Compromised More than a Dozen US Pipelines Between 2011 and 2013 (wsj.com) 53
"Hackers working for the Chinese government compromised more than a dozen U.S. pipeline operators nearly a decade ago, the Biden administration revealed Tuesday while also issuing first-of-its-kind cybersecurity requirements on the pipeline industry," reports the Wall Street Journal.
The disclosure of previously classified information about the aggressive Chinese hacking campaign, though dated, underscored the severity of foreign cyber threats to the nation's infrastructure, current and former officials said. In some cases, the hackers possessed the ability to physically damage or disrupt compromised pipelines, a new cybersecurity alert said, though it doesn't appear they did so. Previously, senior administration officials had warned that China, Russia and others were capable of such cyber intrusions. But rarely has so much information been released about a specific and apparently successful campaign.
Chinese state-sponsored hackers between 2011 and 2013 had targeted nearly two dozen U.S. oil and natural gas pipeline operators with the specific goal of "holding U.S. pipeline infrastructure at risk," the Federal Bureau of Investigation and the Department of Homeland Security said in Tuesday's joint alert. Of the known targets, 13 were successfully compromised and an additional eight suffered an "unknown depth of intrusion," which officials couldn't fully assess because the victims lacked complete computer log data, the alert said. Another three targets were described as "near misses" of the Chinese campaign, which relied heavily on spear phishing attacks.
Newsweek adds that the same day the U.S. Department of Homeland Security "announced new requirements for U.S. pipeline operators to bolster cybersecurity following a May ransomware attack that disrupted gas delivery across the East Coast." In a statement, DHS said it would require operators of federally designated critical pipelines to implement "specific mitigation measures" to prevent ransomware attacks and other cyber intrusions. Operators must also implement contingency plans and conduct what the department calls a "cybersecurity architecture design review."
If it works like it has in the past... (Score:3)
At the end of the three-year period, none of the pipeline operators will have these measures implemented. They'll apply for - and be granted - an extension. Then another. Congress will hold hearings (scheduled during an election year) where they call in the heads of these companies to explain why it hasn't happened... although very little of the talking will come from anyone other than the Congressmen.
The Chinese must hate Ransomware (Score:2)
Without it, there would not be any focus on cyber security, and the Chinese could just turn America off if push came to shove.
But ransomware has put a huge focus on fixing these things. The thieves are doing us a great service, paradoxically.
Requirements for pipelines is a start (Score:2)
Re: (Score:2)
Indeed. There is only one solution: Regulate them, give them a year and if external independent audit and external independent pen-tests and security analyses still finds significant defects, fine the CEO. If a year later things still suck, _jail_ the CEO.
Incidentally, there is absolutely no sane justification for giving them 3 years. That is way too long to fix something this basic.
Re: (Score:2)
Then the Chinese - and the Russians - will nuke the USA.
Anything common with CIA/NSA agents? (Score:4, Insightful)
Just wondering whether there's anything common between Chinese and CIA agents when it comes to fomenting mayhem/chaos in distant lands... Is there?
Re: (Score:3, Insightful)
Re: (Score:2, Insightful)
Yes, it's rather like the US where they bomb the fuck out of you, or to the extent that they can place economic embargoes on countries such that their country's populace is wallowing in complete fucking misery, causing inflation to run amuck and industries to completely collapse.
Re: Anything common with CIA/NSA agents? (Score:1)
Yes, comrade. The good news is that most of us grew out of that phase as we started working to support our own families. You'll get there, kid.
Re: (Score:2, Informative)
They have not the slightest desire to attack or harm the USA or its people.
Too bad they don't feel the same about Taiwan, India, and the countries of the South China Sea.
Chinese "communism" (government in the interests of all) leads to both greater safety and greater prosperity than Western "free market democracy", which robs the poorest 99% to enrich (still further) the wealthiest 1%.
China is certainly not more prosperous than the West, and China's Gini score (inequality) is worse than the EU's and about the same as America's.
Re: (Score:1, Insightful)
Taiwan, SCS, India, etc. are all very different because there's an actual territorial dispute, which exists. It's nothing about harming the people or the countries, but rather governing what they perceive is theirs, and that only due to historical reasons, that is imperialistic colonialism, that these territories became in question. Furthermore these territorial disputes have been exacerbated because of China's fears of the US. Around 2011 when the US stated that they were going to be moving 60% of their
Re: (Score:2)
By taking control of all the natural resources, they are effectively stealing the wealth of all those other nations, making those populations worse off. So yes, China's policies are directly hurting all their neighbors.
Re: (Score:1, Troll)
They have changed a lot in the last twenty years but that change does not suit the greed of the USA war industrial complex so they propagandise to hide and obfuscate it. Quite clearly without a shadow of the planet, the USA is the planet's main aggressor, fomenting conflict across the planet, this due to the manipulations of the UK and Israeli governments, working together, one for profit and power and the other for land and power.
The USA is the dopey bully being used to attack other regions at its own massiv
Re: (Score:2, Insightful)
I'm sure if you ask all the Chinese neighbor states, they will tell you how great China is. /s
Also, maybe ask the Muslim minorities how nice it is being reeducated simply because they are Muslim. No thanks.
Also, it's not like poor people don't exist in China and let's also just pretend no rich people exist there either. The more I look at the Chinese government, it's not even communism, just good old-fashioned authoritarianism. How can there be such huge wealth gaps while calling yourself communist? It's ju
Re: (Score:2)
Just wondering whether there's anything common between Chinese and CIA agents when it comes to fomenting mayhem/chaos in distant lands... Is there?
The CIA is so incompetent that they couldn't accomplish this if they tried. They would end up driving on the wrong side of the road in England or something.
Re: (Score:2)
CIA agents are better at creating chaos and are also better liars.
By compromised they mean by... (Score:1, Interesting)
Spear phishing.
https://us-cert.cisa.gov/ncas/... [cisa.gov]
The email examples that they provide are laughable if they are to show they were actually "targeted". Who attaches e.g. a file named "iTunesHelper.exe" or "kkk.exe" and expects someone to click on it in the US pipeline industry? This appears more to be just spam being sent to everyone possible, rather than targeting a certain industry.
Re: (Score:2, Insightful)
Re: (Score:2)
So, as expected, the cold war never ended (Score:2)
and our people have been asleep at the wheel.
Americans can always be counted on to do the right thing... after they have exhausted all other possibilities. - Not Churchill [quoteinvestigator.com]
The word "Obama" nowhere to be found (Score:1)
13 pipelines compromised during the Obama administration.
0 disclosure about any of them during the Obama administration.
0 mentions of the word "Obama".
But "Biden Administration" mentioned at the very top.
Why are they hooked up to internet? (Score:1)
seems contrived.
Re: (Score:2)
So executives can be made to feel important by receiving constant updates to data that they don't understand.
Said no one, ever. (Score:4)
"This is a critical piece of national infrastructure, let's connect it to the internet" -- Said no one who has a basic understanding of security, ever.
Re: (Score:2)
But it's so EASY to do. The Internet is everywhere! We can use firewalls to secure our networks from outside actors, and VPNs to transport the data securely!
Re: (Score:2)
"This is a critical piece of national infrastructure, let's connect it to the internet" -- Said no one who has a basic understanding of security, ever.
Said everyone with a basic understanding of how this infrastructure works actually. It's the IT people and armchair experts who are delusional enough to believe that pipelines function without large real-time connection across the country.
The problem is security people, specifically low cost ones. The kind of people you employ for security and who then promote disconnecting from the internet because that's all they know what to do, and then when you tell them that won't be possible they are stumped and now
Re: (Score:2)
"This is a critical piece of national infrastructure, let's connect it to the internet" -- Said no one who has a basic understanding of security, ever.
These days there usually is no choice. The problem is not that this stuff is connected to the Internet. The problem is that it is inadequately secured and that nobody seems to know or care. This is a prime example where harsh regulation is needed and harsh _personal_ penalties for the C-levels that messed it up (always including the CEO) are necessary to change things.
Report (Score:2)
What goes around comes around.
Here's a simple rule... (Score:3)
DO NOT put fucking CRITICAL INFRASTRUCTURE on the public Internet!!!!
Re: (Score:2)
Sure, we'll just build a second internet on the side and pass the costs on to you.
Re: (Score:3)
If you did build a second internet, it'd have weak security because hey, it's not connected to the internet. And then someone would demand to have their computer connected to both nets. Game over.
Re: (Score:2)
Thank you, someone gets it. Security is not a single feature, it's a corporate culture that needs to be instilled in all levels from people, to design, to operation.
Re: (Score:2)
Not really. But how about: Make sure critical infrastructure connected to the Internet has at least basic precautions in place and verify that regularly (i.e. internal and external audit). If security fails to be effective, _fine_ the CEO. If that continues for more than one year, _jail_ the CEO (or the former CEO if that one tried to run...).
Critical infrastructure (Score:2)
Real story: Pipeline security sucks badly (Score:2)
If you leave the barn door wide open, blaming the one that walked in is just dishonest and a lie by misdirection. No matter how much you may hate China, the fact of the matter is you _allowed_ them to walk in by not even having effective basic precautions.
Biden is solving it (Score:2)
To solve this problem, Biden just dropped charges against several Chinese accused of industrial espionage and visa fraud. Apparently, the Bidenfolk think that being nice to Chinese will make them give up their aim of world domination. This is the approach Obama used with the Republicans, and obviously that was tremendously successful.
Decade old logs? (Score:2)
Seriously, what company keeps decade old logs of their infra? Something seems fishy that they come with these accusations so late.