Hackers have targeted five international oil companies and have extracted sensitive corporate information about oil- and gas-field operations, project financing and bidding, claims security firm McAfee in a recently released report.
They would not name the companies involved, but their names are know to the FBI who have already started an investigation into the matter. McAfee claims that the attacks were – and are still – “coordinated, covert and targeted”, and that it seems that they originate in China.
The goal of the attack seems pure industrial espionage, and there is on evidence so far of any action from the hackers that would qualify as sabotage. It seems that the attacks began in 2009, but there are also some indications that 2007 could have been the starting year.
Dubbed “Night Dragon” by McAfee, the attacks have been focusing on the energy sector, but the same tools and techniques can be used for targeting any other industry, and that is what worries the US most.
Its intelligence agencies have already warned the country’s biggest and economically most crucial companies about the fact that China possesses the capabilities and the motivation to effect such attacks.
According to The Wall Street Journal, the attacks have been perpetrated with hacking tools of mainly Chinese origin and from a Chinese Internet addresses in Beijing.
Amazingly enough, the attackers seemingly saw no need to cover their tracks, and according to Dmitri Alperovitch, McAfee’s VP of threat research, they seem to be “company worker bees” that “operated on a strict weekdays, nine-to-five Beijing time-zone schedule.”
He also said that the attacks seem organized, but that it was impossible to say whether they were directed by the private or the public sector. McAfee’s research discovered that the external servers used by the attackers are provided by one Song Zhiyue from Heze City in the Shandong Province. When contacted by reporters, he denied knowing anything about the attacks.