Cybersecurity Alarm: US State Department Cautions Of Chinese Threat To Vital Infrastructure, Including Pipelines, Rail Systems

The US State Department issued a warning about China's ability to launch cyber attacks on critical infrastructure. This includes targets like oil and gas pipelines and rail systems.

The warning came after researchers uncovered evidence of a Chinese hacking group conducting surveillance on these networks, reports Reuters.

China's cyber espionage targeted US military and government, as reported in a multi-nation alert released on Wednesday.

However, China denied allegations of espionage against the West and dismissed the warning from the US and its allies as a "collective disinformation campaign."

US officials said they were still assessing the threat.

"We’ve had at least one location that we didn’t know about since the hunt guide was released come forward with data and information," Rob Joyce, the US National Security Agency's (NSA) cybersecurity director, told Reuters.

The agency disclosed technical details earlier to help critical service providers detect the spying.

CISA, the US Cybersecurity and Infrastructure Security Agency, said that it was studying the extent of potential intrusions and associated impacts.

That would help it "provide assistance where needed, and more effectively understand the tactics undertaken by this adversary," CISA's executive assistant director, Eric Goldstein, told Reuters.

Defending against this espionage is challenging because it's more covert than traditional spy operations, according to researchers and officials, said the report.

According to Goldstein, adversaries often leverage valid credentials and network administration tools to achieve their goals on a targeted network. Such intrusions are challenging to detect through typical antivirus methods.

Microsoft analysts, who named the campaign Volt Typhoon, warned that it has the potential to disrupt crucial communications infrastructure between the United States and Asia during future crises.

"The US intelligence community assesses that China almost certainly is capable of launching cyberattacks that could disrupt critical infrastructure services within the United States, including against oil and gas pipelines and rail systems," State Department spokesperson Matthew Miller said, according to the report, adding that "It's vital for government and network defenders in the public to stay vigilant."

China's Foreign Ministry spokesperson, Mao Ning, however, accused the United States, Britain, Canada, Australia, and New Zealand of issuing alerts to promote their intelligence alliance, 'Five Eyes'.

"The United States is the empire of hacking," Mao said.

US agencies are advocating for better cybersecurity practices in the privately held critical infrastructure industry following the Colonial Pipeline hack in 2021 which led to a massive fuel supply disruption.

The US, UK and their allies' intelligence agencies have raised an alert about Volt Typhoon, which has targeted critical infrastructure organizations in the US Pacific territory of Guam. Microsoft reported that the group was using Fortinet's FortiGuard devices to infiltrate targets' networks.

According to Marc Burnard, a researcher at Secureworks, whose organization has faced many intrusions associated with Volt Typhoon, there is no indication of damaging activity.

However, Volt Typhoon hackers are concentrating on swiping information that could reveal US military operations, Burnard said, as reported.

Volt Typhoon is positioning itself for disruptive attacks, according to NSA's Joyce.