Who is Hacking into US Critical Infrastructures

Who is Hacking into US Critical Infrastructures

According to the New York Times, Mandiant, a U.S.-based cybersecurity firm, revealed that it was likely that China’s military personnel hacked into Telvent Canada, a firm known as Schneider Electric that makes switches and other gear for oil and gas pipelines. The Chinese military denies the allegations, stating they are “groundless both in facts and legal basis.”

Should the Chinese be to blame, experts say the snooping probably served two purposes:

  • To gather information to improve the Chinese critical infrastructure; and
  • To lay the groundwork for a future attack to shut down U.S. systems.

Headquartered in the outskirts of Shanghai is Unit 61398 of the People’s Liberation Army, where alleged cyber-attacks take place. According to American intelligence officials, they have tapped into this activity of the Chinese army for years. If this is true, then a high percentage of attacks on American corporations, organizations and governmental agencies originate here…in a white, 12-story tower of offices.

Officials at the Chinese embassy in Washington insisted that their government does not engage in computer hacking, and that such an activity is illegal. However, Mandiant has detected more than 140 intrusions since 2006.

The Chinese Ministry of Foreign Affairs has also responded to these allegations. Hong Lei, a ministry spokesman, said, “Making unfounded accusations based on preliminary results is both irresponsible and unprofessional, and is not helpful for the resolution of the relevant problem. China resolutely opposes hacking actions and has established relevant laws and regulations and taken strict law enforcement measures to defend against online hacking activities.”

Obama administration officials have noted that they plan to inform China’s new leaders that the volume and sophistication of the attacks have become so intense that they threaten the fundamental relationship between Washington and Beijing.

It seems that America is in a digital war with China. “In the cold war, we were focused every day on the nuclear command centers around Moscow,” one senior defense official stated. “Today, it’s fair to say that we worry as much about the computer servers in Shanghai.”

Most industrial control systems in America are fairly well guarded, but according to Chief Executive of Digital Bond, Dale Peterson, “Once a hacker is in the system, there’s very few safeguards preventing the intruder from sending commands that could, say, cause an accident at a chemical plant or lead a pharmaceutical factory to dispense the wrong medications.” Both, of which, could obviously cause disastrous results.

The power grid is one of the most critical systems because without electricity everything – offices, factories, etc. – stop operating.

Mark McGranaghan, a power delivery and utilization specialist at the Electric Power Research Institute, stated, “It’s an issue at the top of the list of every utility executive.”

It’s difficult to accurately play the “blame game” when it comes to computer hacking, due to the sophisticated tactics of professional hackers. While people may be able to pinpoint and target the exact area in which the hacking originated, proving exactly who participated in the act of hacking itself is a bit more difficult.

Sources: http://www.nytimes.com/2013/02/19/technology/chinas-army-is-seen-as-tied-to-hacking-against-us.html?pagewanted=all

http://money.cnn.com/2013/02/20/news/economy/hacking-infrastructure/index.html

Photo courtesey of KG News - http://kevingilmour.net

About the Author

Ginger Hill is Group Social Media Manager.

Featured

  • Survey: 54% of Organizations Cite Technical Debt as Top Hurdle to Identity System Modernization

    Modernizing identity systems is proving difficult for organizations due to two key challenges: decades of accumulated Identity and Access Management (IAM) technical debt and the complexity of managing access across multiple identity providers (IDPs). These findings come from the new Strata Identity-commissioned report, State of Multi-Cloud Identity: Insights and Trends for 2025. The report, based on survey data from the Cloud Security Alliance (CSA), highlights trends and challenges in securing cloud environments. The CSA is the world’s leading organization dedicated to defining standards, certifications, and best practices to help ensure a secure cloud computing environment. Read Now

  • Study: Only 35 Percent of Companies Include Cybersecurity Teams When Implementing AI

    Only 35 percent of cybersecurity professionals or teams are involved in the development of policy governing the use of AI technology in their enterprise, and nearly half (45 percent) report no involvement in the development, onboarding, or implementation of AI solutions, according to the recently released 2024 State of Cybersecurity survey report from ISACA, a global professional association advancing trust in technology. Read Now

  • New Report Series Highlights E-Commerce Threats, Fraud Against Retailers

    Trustwave, a cybersecurity and managed security services provider, recently released a series of reports detailing the threats facing the retail sector, marking the second year of its ongoing research into these critical security issues. Read Now

  • Stay Secure in 2024: Updated Cybersecurity Tips for the Office and at Home

    Cyber criminals get more inventive every year. Cybersecurity threats continue to evolve and are a moving target for business owners in 2024. Companies large and small need to employ cybersecurity best practices throughout their organization. That includes security integrators, manufacturers, and end users. Read Now

Featured Cybersecurity

Webinars

New Products

  • 4K Video Decoder

    3xLOGIC’s VH-DECODER-4K is perfect for use in organizations of all sizes in diverse vertical sectors such as retail, leisure and hospitality, education and commercial premises. 3

  • AC Nio

    AC Nio

    Aiphone, a leading international manufacturer of intercom, access control, and emergency communication products, has introduced the AC Nio, its access control management software, an important addition to its new line of access control solutions. 3

  • Luma x20

    Luma x20

    Snap One has announced its popular Luma x20 family of surveillance products now offers even greater security and privacy for home and business owners across the globe by giving them full control over integrators’ system access to view live and recorded video. According to Snap One Product Manager Derek Webb, the new “customer handoff” feature provides enhanced user control after initial installation, allowing the owners to have total privacy while also making it easy to reinstate integrator access when maintenance or assistance is required. This new feature is now available to all Luma x20 users globally. “The Luma x20 family of surveillance solutions provides excellent image and audio capture, and with the new customer handoff feature, it now offers absolute privacy for camera feeds and recordings,” Webb said. “With notifications and integrator access controlled through the powerful OvrC remote system management platform, it’s easy for integrators to give their clients full control of their footage and then to get temporary access from the client for any troubleshooting needs.” 3