Oil Companies Hit With Cyberattack, Likely From ChinaFeb 10, 2011 – 2:18 PM
Text Size Print this page|EmailShare on FacebookShare on TwitterShare on DiggShare on Lifestream
Hugh Collins
Contributor
At least five major oil and gas companies were the victims of a cyberattack that aimed to steal valuable commercial information, according to a report by software security company McAfee.
The attack, which apparently originated in Beijing, focused on oil and gas field production systems and information related to field exploration and bidding for new leases, according to the New York Times. The report dubbed the attack "Night Dragon."
The report did not name the companies affected.
"Starting in November 2009, covert cyberattacks were launched against several global oil, energy and petrochemical companies," George Kurtz, chief technology officer with McAfee, wrote on his blog. "This information is highly sensitive and can make or break multibillion-dollar deals in this extremely competitive industry."
Governments and major corporations have grown increasingly concerned about the ability of hackers to cripple their operations. In late 2009, Internet giant Google discovered that it had been the victim of online espionage.
In 2007, a cyberattack crashed the entire Internet infrastructure of Estonia.
The attack on the oil companies appears to be a professional one, rather than the work of individual hackers out to cause mischief. They even took place between 9 a.m. and 5 p.m. local time in Beijing.
"These people seemed to be more like company worker bees rather than free-spirited computer hackers," said Dmitri Alperovitch, McAfee's vice president for threat research, according to the Times.
The hackers first entered the companies' network using their Internet servers, according to technology site CNET.
From there, they were able to gain access to individual computers and harvest valuable information.
The use of these techniques points toward China as the country of origin for the attacks.
"The tools, techniques and network activities used in these attacks originate primarily in China," Kurtz wrote. "These tools are widely available on the Chinese Web forums and tend to be used extensively by Chinese hacker groups."
Sponsored LinksThe report even said it had identified one individual who allegedly provided vital infrastructure for the attack.
The individual is based in Heze City, in eastern China. McAfee stressed that the individual is unlikely to have masterminded the attack.
The hacking techniques employed were "unsophisticated," the report said.
"They simply appear to be standard host administration techniques, using standard administrative credentials," the report said.
"This is largely why they are able to evade detection by standard security software and network policies."
AI
