Selloff or Market Correction? Either Way, Here's What to Do NextSee Overvalued Stocks

U.S. warns China could hack infrastructure, including pipelines, rail systems

Published 05/25/2023, 05:22 AM
Updated 05/26/2023, 05:11 AM
© Reuters. FILE PHOTO: Computer code is seen on a screen above a Chinese flag in this July 12, 2017 illustration photo. REUTERS/Thomas White/Illustration
MSFT
-
FTNT
-

By Raphael Satter, Zeba Siddiqui and James Pearson

(Reuters) -The U.S. State Department warned on Thursday that China was capable of launching cyber attacks against critical infrastructure, including oil and gas pipelines and rail systems, after researchers discovered a Chinese hacking group had been spying on such networks.

A multi-nation alert issued Wednesday revealed the Chinese cyber-espionage campaign had been aimed at military and government targets in the United States.

The Chinese government has rejected assertions that its spies are going after Western targets, calling the warning issued by the United States and its allies a "collective disinformation campaign."

U.S. officials said they were still in the process of getting their arms around the threat.

"We’ve had at least one location that we didn’t know about since the hunt guide was released come forward with data and information," Rob Joyce, the U.S. National Security Agency's (NSA) cybersecurity director, told Reuters. The agency disclosed technical details earlier to help critical service providers detect the spying.

The U.S. Cybersecurity and Infrastructure Security Agency (CISA) separately said it was working to understand "the breadth of potential intrusions and associated impacts."

That would help it "provide assistance where needed, and more effectively understand the tactics undertaken by this adversary," CISA's executive assistant director, Eric Goldstein, told Reuters.

Part of the challenge in defending against this espionage work is that it's more covert than regular spy operations, according to researchers and officials.

"In these cases the adversary is often using legitimate credentials and legitimate network administration tools to gain access to execute their objectives on a target network," Goldstein said. "Many traditional methods of detection, such as antivirus, will not find these intrusions."

Microsoft (NASDAQ:MSFT) analysts who identified the campaign, which they dubbed Volt Typhoon, said it "could disrupt critical communications infrastructure between the United States and Asia region during future crises" - a nod to escalating U.S.-China tensions over Taiwan and other issues.

"The U.S. intelligence community assesses that China almost certainly is capable of launching cyberattacks that could disrupt critical infrastructure services within the United States, including against oil and gas pipelines and rail systems," State Department spokesperson Matthew Miller said in a press briefing.

"It's vital for government and network defenders in the public to stay vigilant."

U.S. agencies have been pushing for improved cybersecurity practices in its majority-privately held critical infrastructure industry, after the 2021 hack of the key Colonial Pipeline disrupted nearly half of the U.S. East Coast’s fuel supply.

Intelligence agencies in the United States, Britain and their close allies issued an alert Wednesday to warn about Volt Typhoon. Microsoft said the group had targeted critical infrastructure organizations in the U.S. Pacific territory of Guam, and it was using the security firm Fortinet (NASDAQ:FTNT)'s FortiGuard devices to break into target's networks.

Researcher Marc Burnard, whose organisation Secureworks has dealt with several intrusions tied to Volt Typhoon, said Secureworks had seen no evidence of destructive activity by Volt Typhoon, but that its hackers were focused on stealing information that would "shed light on U.S. military activities."

NSA's Joyce said there was no doubt Volt Typhoon was putting itself in position to carry out disruptive attacks.

"It’s clear that some of the entities on here are of no intelligence value," he told Reuters of the critical infrastructure sites identified by the government.

© Reuters. FILE PHOTO: U.S. and Chinese flags are seen in this illustration taken, January 30, 2023. REUTERS/Dado Ruvic/Illustration

Chinese foreign ministry spokesperson Mao Ning told reporters that the alerts issued by the United States, Britain, Canada, Australia and New Zealand were intended to promote their intelligence alliance - known as the Five Eyes - and it was Washington that was guilty of hacking.

"The United States is the empire of hacking," Mao said.

Latest comments

Risk Disclosure: Trading in financial instruments and/or cryptocurrencies involves high risks including the risk of losing some, or all, of your investment amount, and may not be suitable for all investors. Prices of cryptocurrencies are extremely volatile and may be affected by external factors such as financial, regulatory or political events. Trading on margin increases the financial risks.
Before deciding to trade in financial instrument or cryptocurrencies you should be fully informed of the risks and costs associated with trading the financial markets, carefully consider your investment objectives, level of experience, and risk appetite, and seek professional advice where needed.
Fusion Media would like to remind you that the data contained in this website is not necessarily real-time nor accurate. The data and prices on the website are not necessarily provided by any market or exchange, but may be provided by market makers, and so prices may not be accurate and may differ from the actual price at any given market, meaning prices are indicative and not appropriate for trading purposes. Fusion Media and any provider of the data contained in this website will not accept liability for any loss or damage as a result of your trading, or your reliance on the information contained within this website.
It is prohibited to use, store, reproduce, display, modify, transmit or distribute the data contained in this website without the explicit prior written permission of Fusion Media and/or the data provider. All intellectual property rights are reserved by the providers and/or the exchange providing the data contained in this website.
Fusion Media may be compensated by the advertisers that appear on the website, based on your interaction with the advertisements or advertisers.
© 2007-2024 - Fusion Media Limited. All Rights Reserved.