China has denied on numerous occasions that its military is involved in cyberattacks, yet reports keep surfacing about the country’s implication in cyber espionage campaigns against the United States and other countries.
According to The Christian Science Monitor, 23 natural gas pipeline operators from the US were targeted between December 2011 and June 2012 by a group allegedly linked to the Chinese military.
The hackers are said to have used spear phishing emails to trick the organizations’ employees into installing pieces of malware.
The Department of Homeland Security (DHS) has released a classified report that details the attacks. While the report itself doesn’t appoint China as being the culprit, experts say the digital fingerprints left by the hackers are similar to the ones used by an espionage group linked to the Chinese military.
Experts have told The Christian Science Monitor that the information stolen by the attackers – including usernames, passwords, system manuals, and pipeline control system access credentials – could be used to cause some serious damage.
“Anyone can blow up a gas pipeline with dynamite. But with this stolen information, if I wanted to blow up not one, but 1,000 compressor stations, I could,” said William Rush, a retired scientist formerly with the Gas Technology Institute, and a strong advocate of cybersecurity standards in the gas pipeline industry.
“I could put the attack vectors in place, let them sit there for years, and set them all off at the same time. I don’t have to worry about getting people physically in place to do the job, I just pull the trigger with one mouse click.”
The DHS report says 10 of the 23 organizations were successfully penetrated, 10 are still under investigation and the rest are considered “near misses.”
Sources close to the investigation have told the Monitor that those who stole the valuable information could take control of computer-controlled pipeline systems, and sabotage them by altering valve settings and modifying pipeline pressures.