US natural gas pipeline network hacking linked to China
31 May 2012
Days after a report surfaced that the country's natural gas infrastructure has been subject to ongoing cyber attack, investigators believe they may have identified a link to China, according to a report in The Christian Science Monitor. The attacks, which have been occurring since March of this year, have targeted several of the country's natural gas pipeline companies.
Hacking of US pipeline company systems reportedly started in March and has become widespread since then
More importantly, the Department of Homeland Security noted in a statement that "Analysis of the malware and artifacts associated with these cyber attacks has positively identified this activity as related to a single campaign."
The Monitor reports that some investigators now believe that the campaign is tied to another attack last year against cybersecurity company RSA, which the head of the National Security Agency told Congress could be traced back to China. The group responsible for the RSA attacks has also been linked to several previous hacking incidents around the globe.
Observers say that these cyber attacks are a real danger to the country’s rapidly expanding gas pipeline network.
According to the Pipeline and Gas Journal, a Trojan program inserted into the supervisory control and data acquisition (SCADA) system software caused a massive natural gas explosion along the Trans-Siberian pipeline in 1982. The event was initially acknowledged by a Russian general, subsequently denied by the Russian press, and kept secret within the CIA until 2004, when details were released upon publication of the Cold War memoirs of a retired insider. The events and methodology were explained and later presented in security testimony before the U.S. House of Representatives.
Pipeline data is collected continuously from custody transfer meters and pumping stations along hundreds and thousands of miles of distribution pipeline. There are millions of dollars involved in the simple reporting of quality data as recorded electronically from the gathering field and delivery point, and the consequences of a hacker gaining access can be very serious indeed.
DCS, SCADA, programmable logic controllers (PLCs) and other legacy control systems have been used for decades in power plants and grids, oil and gas refineries, air traffic control, railroad management, pipeline pumping stations, pharmaceutical plants, chemical plants, automated food and beverage lines, industrial processes, automotive assembly lines, and water treatment plants.
And beyond the dangers of deliberate, destructive sabotage are the financial and economic business risks. These need not involve terrorist attacks or the intervention of foreign powers.