Chinese hackers target oil, gas majors in growing cyber-attack
London (Platts)--10Feb2011/936 am EST/1436 GMT
Hackers in China have infiltrated the computer systems of several oil
and gas majors for over two years stealing sensitive information on oil
and gas field operations and assets bids, according to a report by
cyper-security firm McAfee Thursday.
Starting in November 2009, covert cyber attacks were launched against a
number global oil, energy, and petrochemical companies, in an
increasingly common form of corporate-focused cyber attack, which McAfee
dubbed as "Night Dragon".
In the attacks, hackers compromised servers in the US and the
Netherlands to wage attacks against the companies or sent infected
emails sent to company executives in Kazakhstan, Taiwan, Greece, and the
US to acquire "proprietary and highly confidential information."
Once the hackers were inside the companies' IT systems they would
install remote administration software that gave them complete control
of the systems, McAfee said.
The hackers targeted proprietary operations and project-financing
information on oil and gas field bids and operations, information that
is "highly sensitive and can make or break multibillion dollar deals in
this extremely competitive industry."
McAfee declined to name the companies affected by the attacks as some
are its clients.
The security company said it believes many actors participated in the
attacks, but identified one Chinese-based individual who has provided
the crucial infrastructure to the attackers.
The individual is based in Heze City, Shandong Province, China, and runs
a company that -according to the company?s advertisements- provides
hosted servers in the US with "no records kept," McAfee said.
The "Night Dragon" exploited vulnerabilities in Microsoft Windows
operating systems and remote administration tools to copy and extract
information, according to the report.
In a blog post, McAfee's chief technology officer George Kurtz warns
that this type of cyber attack on multinationals is likely to increase.
"Well-coordinated, targeted attacks such as Night Dragon, orchestrated
by a growing group of malicious attackers committed to their targets,
are rapidly on the rise," Kurtz said. "These targets have now moved
beyond the defense industrial base, government, and military computers
to include global corporate and commercial targets."
One of the most prevalent remote administration tools used to infiltrate
IT systems is "zwShell," which McAfee said it has seen in the wild since
the spring of 2010.
--Robert Perkins,
robert_perkins@platts.com
To subscribe or visit go to:
http://www.platts.com
|