Several oil companies were targets of hackers seeking 'proprietary' data about global oil finds, cyber security firm AcAfee reported Thursday. All evidence points to cyber spies in China, it says.
Several multinational oil companies were victims of cyberespionage by Chinese hackers who downloaded sensitive data from their corporate networks, including the companies’ crown jewels – “bid data” detailing oil discoveries worldwide, reported cybersecurity company McAfee on Thursday.
By November 2009, the hackers had launched waves of coordinated “covert cyberattacks” aimed at pilfering the computer networks of global oil, energy, and petrochemical companies, McAfee reported. The attacks may even have begun as many as four years ago – and are still continuing, McAfee's analysis revealed.
The hackers launched their attacks from several spots in China and were connected through Internet service providers in the United States and compromised servers in the Netherlands. From those platforms, the hackers worked to gain access to computers belonging to oil and gas executives in Kazakhstan, Taiwan, Greece, and the US. The first order of business was to steal passwords in order to gain access to company networks – and, after that, to proprietary information.
“The attackers targeted proprietary operations and project-financing information on oil and gas field bids and operations,” George Kurtz, chief technology officer for McAfee, wrote in his blog Wednesday. “This information is highly sensitive and can make or break multibillion dollar deals in this extremely competitive industry."
Among techniques the hackers used were targeted “spear-phishing” attacks, in which the victim opens a custom-crafted e-mail designed to look as if it came from a boss or a coworker. Links in the e-mail typically connect to an infected site or open an infected attachment that installs a secret backdoor on the machine.
Page 1 of 4