Hackers sponsored by China targeted 23 companies that owned oil and gas pipelines from 2011 to 2013, a recently declassified report revealed.
The report, coauthored by the Cybersecurity and Infrastructure Security Agency (CISA) and the FBI, was released Tuesday, revealing details of a Chinese state-sponsored cyber campaign against critical U.S. infrastructure. Of the 23 pipeline operators targeted, hackers successfully compromised 13, extracting data related to the control and operation of the pipeline such as usernames, passwords, system manuals and personnel lists, according to the report.
“The exfiltrated data provided the capabilities for the Chinese cyber actors to access ONG [oil and natural gas] operational systems at a level where they could potentially conduct unauthorized operations,” the report read. (RELATED: Carnival Cruise Line Admits Customer Information Was Compromised In March Hack)
The hackers used a technique called spear phishing, in which emails are sent to pipeline employees containing malware files, to gain access to the data, according to the report. Pipelines also received calls from blocked numbers impersonating cyber security firms that would ask questions regarding the pipelines’ security practices.
The report found no evidence that the hackers ever attempted to control or modify the pipeline operations they accessed.
The release of the report comes after President Joe Biden accused China on Monday of sponsoring cyber attacks around the world, including a hack on Microsoft Exchange’s email service in March. The Justice Department charged four Chinese nationals Monday for a series of cyber attacks.
Chinese officials denied the charges, instead accusing the Central Intelligence Agency (CIA) of carrying out cyber attacks against China.
Hackers have attacked several U.S. critical infrastructure targets in recent months, with the breach of Colonial Pipeline in May causing widespread fuel shortages across the eastern U.S. An attack on the nation’s largest meat packer JBS in June temporarily shut down its processing plants.
Software company Kaseya was breached earlier this month in an attack that affected more than 1,500 downstream businesses.
All content created by the Daily Caller News Foundation, an independent and nonpartisan newswire service, is available without charge to any legitimate news publisher that can provide a large audience. All republished articles must include our logo, our reporter’s byline and their DCNF affiliation. For any questions about our guidelines or partnering with us, please contact firstname.lastname@example.org.