Chinese Hackers Breached U.S. Pipelines, Could Have Imposed ‘Physical Consequences,’ FBI Announces

A joint cybersecurity alert by the Department of Homeland Security and the FBI revealed on Tuesday that China hacked into American oil and natural gas pipeline companies almost a decade ago.

Overall, 23 pipeline operators were targeted in the hacks from December 2011 through 2013. Information on the operations was reported by the FBI and the DHS’s Cybersecurity and Infrastructure Security Agency.

“CISA and the FBI assess that these actors were specifically targeting U.S. pipeline infrastructure for the purpose of holding U.S. pipeline infrastructure at risk,” the alert states. “Additionally, CISA and the FBI assess that this activity was ultimately intended to help China develop cyberattack capabilities against U.S. pipelines to physically damage pipelines or disrupt pipeline operations.”

The alert adds that the hackers had “sufficient access to allow them to remotely perform unauthorized operations on the pipeline with physical consequences.”

The revelations came one day after the Biden administration blamed China for a March hack on Microsoft Exchange servers. The administration also accused China of working with “criminal” actors to orchestrate ransomware attacks.

Over the past several months, U.S. companies have also been targeted in ransomware attacks from Russia-based hacking groups. One group, Darkside, managed to shut down the Colonial Pipeline, which supplies about 45 percent of fuel consumed on the east coast.

Colonial paid Darkside $4.4 million in ransom, although the Justice Department subsequently recovered at least $2.3 million in that amount.