China’s cyber attack on American pipelines

China’s cyber attack on American pipelines

by Andrew
July 21, 2021

23 gas pipeline operators were targeted by a Chinese cyber attack between December 2011 and February 2012.

The 23 companies received targeted spear phishing email campaign directed to their employees. The cyber attack compromised 13 operators – a confirmed success rate better than 50%!

There were also three “near misses” – presumably when companies were nearly breached. Eight more had an “unknown depth of intrusion.”

In 2021 the US government declassified details of these Chinese cyber attacks.

According to the US government, the attackers did not try to steal intellectual property. Instead they focused on gaining the ability to disrupt or damage the pipelines.

The spear phishing emails used were “constructed with a high level of sophistication to convince employees to view malicious files.”

Spear phishing emails manipulate and exploit your employees to gain access to your systems, data, or finances.

After compromising the systems of the pipeline operators, the attackers compromised company systems that allowed remote operation of equipment. They also stole data on the usernames and passwords of company employees and system manuals.

One of the affected companies reported that after they ejected the malicious actors from their systems and did a system-wide credential reset, their IT networking department received a number of phone calls from someone claiming to be conducting a survey on cyber security practices, and asking about the software the company used and its firewall policy.

This attack happened 10 years ago – and the attackers have only become more sophisticated!

Building a strong cyber security culture is critical to identify and stop cyber attacks.

Let’s find a time to catch up and see how we can help get every employee on your cyber team.

You can read the full US government report here.

Related Stories

January 14, 2022

Phishing smell after hackers check in

One day a hotel employee received an email that looked like it was from a tour operator. But it was a phishing email from hackers.

October 20, 2022

What is “Cryptojacking”?

Cryptocurrency is not a new concept. It has been around for years. Learn more about cryptocurrency and what risks it brings in our blog.

July 19, 2021

Disrupt the hackers before they disrupt you

Increasing ransomware attacks utilizing spear phishing techniques should be sounding alarm bells in the C-suites of not only large companies but also in SMBs.