China Positioned to Hack US Railways and Pipelines

26 May 2023

The US State Department is warning network defenders to stay vigilant after new information gathered by Western intelligence agencies shows China is capable of large-scale cyberattacks targeting critical US infrastructure.

That critical infrastructure includes "oil and gas pipelines and rail systems," State Department spokesperson Matthew Miller said during a press briefing in Washington DC on Thursday.

"It's vital for government and network defenders in the public to stay vigilant," Miller said.

A multi-nation cybersecurity advisory issued Wednesday warned of a recently discovered espionage campaign – dubbed "Volt Typhoon" by Microsoft – associated with the People’s Republic of China (PRC).

Security researchers say the Chinese hackers are thought to be spying on sensitive networks within the US but were also found to have targeted critical infrastructure organizations located in the US Pacific territory of Guam.

Additionally, the threat actors have been focused on stealing information that would "shed light on US military activities," security researchers said.

The latest finding could be considered “a continuation of the long-standing tradition of cyberespionage on behalf of the Chinese government,” said Tim Wade, Deputy CTO of Vectra AI.

But Wade also believes that “cybersecurity attacks do not exist in a geopolitical vacuum.”

“It is no secret that tensions between the US and China have escalated,” Wade said.

“The latest cyberespionage campaign is clearly evidence of [China] exercising and exploring the full set of capabilities afforded them in the face of this escalation,” he said.

Experts say the advisory is a push by US intelligence agencies to avoid another debilitating cyberattack such as the 2021 Colonial Pipeline attack, which paralyzed the oil supply line along the nation’s East Coast for nearly a week.

The ransomware attack, which forced Colonial to shut down its digital supply network spanning 5500 miles of pipeline, caused a nationwide panic due to fuel shortages and surging gas prices.

Armis CTO and co-founder Nadir Izrael says the recent discovery is a needed wake-up call for the US and its allies.

“This act of cyberespionage by China is unprecedented. And the U.S. has been caught on its back foot,” Izrael said.

Citing China’s escalating defense budget, Izrael said the PRC’s “offensive cyber capabilities has created a global weapon in its arsenal to rattle critical infrastructure across nearly every sector – from communications to maritime – and interrupt U.S. citizens’ lives.”

The PRC defense budget has been estimated at around $225 billion for 2023, an increase of nearly $50 billion since 2020, according to the Stockholm International Peace Research Institute.

“This growing investment has enabled China to build up its cyber capabilities, with more than 50,000 cyber soldiers and an advanced cyberwarfare unit,” Izrael said.

In response, China's foreign ministry rejected claims that its spies are going after Western targets and called the joint warning a "collective disinformation campaign."

The five Western nations behind the alert include the United States, Britain, Canada, Australia and New Zealand, otherwise known as the “Five Eyes.”