ExxonMobil, Marathon Oil and ConocoPhillips are just three of the US companies that have been breached in the last few years by cybercriminals that left some clues pointing in the direction of the Middle Kingdom.
Once again, the evidence raises the suspicion, but fails to give certainty. The problem with cyber attacks is that it is extremely difficult to know unequivocally who’s responsible.
According to The Christian Science Monitor, the data flowing from the networks of this oil and gas companies has – at least in one case – found it’s way to a a computer in China. Of course, that doesn’t exclude the possibility that some other country “recruited” Chinese servers to cover their tracks and cast a shadow of doubt on an “enemy”.
The main goal of these attacks was to infiltrate the companies’ networks and gain access to valuable data regarding oil discoveries around the world – location, quantity, value. This was done by infiltrating them through spear phishing campaigns and planting zero-day spyware – the attackers managed to gain access all the way to the senior executive level.
The information in question is worth a lot, and it was extremely costly to come by, so a successful extraction saves the attacker from millions of dollars of expenses.
Nobody doubts that this information would be valuable to every nation in the world, but eyes once again turn to China and it’s perpetually energy-hungry economy. Its state-owned oil companies have been the biggest US competitors when it comes to leasing oil fields worldwide.
Attacking strategically important businesses and going after their data is definitely an aspect of cyber espionage that has lately been more and more in the spotlight. Business networks are often easier to penetrate than the military ones, and there is a lot of valuable information to steal.
It remains to be seen what will the US do about all these attacks that have lately been coming their way. In my opinion, planting fake information to see where it surfaces might be a good start.