Security Experts: China-Based Hackers Stole Energy Companies’ Secrets
Over the last two years (and perhaps as long as four), hackers probably based in China have been targeting several huge multinational energy companies and using long-established techniques to extract information. That’s according to the computer security firm McAfee, which helped some of the companies fight back against the ongoing wave of attacks it has dubbed “Night Dragon.”
â€œWe have confirmed that five companies have been attacked,â€ said Dmitri Alperovitch, McAfeeâ€™s vice president for threat research. He said he suspected that at least a dozen companies might have been affected by the team of computer hackers seemingly based in Beijing and who appeared to work during standard business hours there. â€œThese people seemed to be more like company worker bees rather than free-spirited computer hackers,â€ he said. â€œThese attacks were bold, even brazen, and they left behind a trail of evidence.â€ [The New York Times]
In a blog post about the attacks, McAfee CTO George Kurtz notes that the hackers took advantage of techniques that have been around for more than a decade. In fact, he says, their simplicity helped them to evade security software.
During the last two years — and up to four years — the hackers had access to the computer networks, focusing on financial documents related to oil and gas field exploration and bidding contracts, said Alperovitch. They also copied proprietary industrial processes. “That information is tremendously sensitive and would be worth a huge amount of money to competitors,” said Alperovitch. [Reuters]
As with the attacks against Google last year, the question about China-based hacks becomes: Was this online aggression supported by the Chinese government?
Mr. Alperovitch said it was unclear if the attacks were done with any official sanction. “The facts point to Chinese hacker activity that is organized, so [it is] potentially directed either by the private sector or the public sector. But it’s impossible for me to know for sure which one,” he said. [Wall Street Journal]
What is clear from this attack and others, Kurtz says, is that these teams of hackers may have shifted their goals. From the McAfee post:
More and more, these attacks focus not on using and abusing machines within the organizations being compromised, but rather on the theft of specific data and intellectual property. Focused and efficient define the very essence of todayâ€™s attackers.Â Thus, it is vital that organizations work proactively toward protecting the very lifeblood of many organizations: their intellectual property.