A restricted US government report compiled by the Department of Homeland Security (DHS) states that 23 gas pipeline companies were targets of a cyber-attack in the six months from December 2011 to June 2012.
Emails designed to trick key personnel into opening them were sent to the companies and managed to infiltrate systems and steal information that could be used to sabotage the pipelines.
Independent cyber security researchers have traced the digital signatures of the attacks back to an espionage group which has close links with the Chinese military.
Related article: With Rail Interest, Who Needs Keystone XL?
The information stolen from the companies provides everything necessary for someone with the knowledge to blow up, not just one, but hundreds or thousands of gas compressor stations simultaneously. Effectively giving that person the power to hold the US’s gas infrastructure hostage, and in turn the whole of the US, as it now relies on natural gas for nearly 30% of its power grid.
William Rush, a retired scientist from the Gas Technology Institute, explained that “anyone can blow up a gas pipeline with dynamite. But with this stolen information, if I wanted to blow up not one, but 1,000 compressor stations, I could. I could put the attack vectors in place, let them sit there for years, and set them all off at the same time. I don’t have to worry about getting people physically in place to do the job, I just pull the trigger with one mouse click.”
The information would help hackers to reset computer controlled systems along the pipeline, allowing extreme pressures to build which could cause explosions, or valve failures along the entire pipeline network.
By. Joao Peixe of Oilprice.com
Joao is a writer for Oilprice.com