- ‘Welcome to the edge of freedom’: Biden’s boots touch down in DMZ
- Obama: Hole U.S. ‘digging out of’ requires billions more in unemployment benefits
- Obama’s regulatory agenda will cost U.S. economy $143B next year: report
- Patriot Act author on James Clapper: Fire, prosecute him
- Russia P.M. Medvedev: No amnesty for political prisoners
- Michigan GOP Senate hopeful reminds government is the ‘servant’
- Christmas, by Congress: Members mull a 15-cent tax on trees
- U.S. unemployment falls to five-year low of 7 percent; 203K jobs added
- World mourns Nelson Mandela and celebrates his life; burial set for Dec. 15
- Bill O’Reilly reminds: Nelson Mandela ‘was a communist’
Report: Hackers in China hit Western oil companies
BEIJING (AP) - Hackers operating from China stole sensitive information from Western oil companies, a U.S. security firm reported Thursday, adding to complaints about pervasive Internet crime traced to the country.
The report by McAfee Inc. did not identify the companies but said the “coordinated, covert and targeted” attacks began in November 2009 and targeted computers of oil and gas companies in the United States, Taiwan, Greece and Kazakhstan. It said the attackers stole information on operations, bidding for oil fields and financing.
“We have identified the tools, techniques, and network activities used in these continuing attacks _ which we have dubbed Night Dragon _ as originating primarily in China,” said the report.
The report gave no indication the attacks were anything other than standard corporate espionage that plagues businesses around the world, which the U.S. and China have both accused each other of being deeply involved in.
The fact that oil companies were targeted may speak more to the value of their inside information than any attempt to cause damage to pipelines. McAfee called the attack methods “unsophisticated,” but said the culprits were patient: they may have been inside the networks for years.
“It looked to me like the traditional hack-to-steal-valuable-stuff,” said Josh Shaul, vice president of product management at Application Security Inc., a New York-based database security software maker that wasn’t involved in McAfee’s research. Application Security counts energy companies, including oil firms, among its clients. “It all seemed to me like someone trying to get ahead in the oil industry rather than doing something more nefarious.”
The intruders were prolific in their purloining, snatching files including configurations for the oil companies’ control systems, but Dmitri Alperovitch, vice president of threat research for McAfee, said they didn’t appear to be trying to figure out how to blow up a pipeline or destroy equipment.
“I got a very strong sense that was not their goal,” he said. “They expressed a much stronger interest in financial information.”
McAfee said it identified an individual in the eastern Chinese city of Heze in Shandong province who provided servers that hosted an application that controlled computers at the victim companies. The report did not identify the man but U.S. news reports citing McAfee gave his name as Song Zhiyue.
Contacted by phone, Song said he was a salesman for a company, Science and Technology Internet, that rents server space. He said some of his customers were hackers but he declined to comment on the attacks cited by McAfee. Song said he has not been contacted by Chinese authorities.
“I recently heard about Chinese hackers using U.S. servers provided by companies like ours to attack oil companies in the U.S. Our company alone has a great number of hackers” as customers, Song said. “I have several hundred of them among all my customers as far as I know.”
Critical infrastructure is increasingly a hacking target as its technology is brought into the Internet age.
An attack might be as simple as getting a low-level employee to open a malicious e-mail link. Or, it might involve exploiting well known vulnerabilities in Internet-connected servers, which is how McAfee said the oil companies were attacked. Finding those weaknesses can be simple; programs exist that will scan the Internet and automatically issue an alert when vulnerable servers have been found.
Still, money, not terrorism, appears to frequently be the motive, as it is with most computer crime.
A separate report last year from McAfee and the Center for Strategic and International Studies in Washington found that more than half of the 600 operators of power plants and other critical infrastructure surveyed said their networks were infiltrated by sophisticated adversaries. Extortion was identified as a common motivation. Oil companies were among the most frequently targeted.
- Bill OReilly reminds: Nelson Mandela was a communist
- Spike in battlefield deaths linked to restrictive rules of engagement
- Obama administration issues permits for wind farms to kill more eagles
- Obama: Hole U.S. 'digging out of' requires billions more in unemployment benefits
- Craigslist killers: Police say newlyweds stabbed man for thrills
- 'Dude, I'm dreading that I will have to go': Czech prime minister on Mandela funeral
- Kill team: Obama war chiefs widen drone death zones
- Rush Limbaugh: Obama trying to make Mandela death about himself
- NAPOLITANO: Pope Francis should be saving souls, not pocketbooks
- John Boehner says GOP should support gay candidates: I do
Independent voices from the The Washington Times Communities
Find the latest news and happening that effect those in the Washington D.C., Northern Virginia and Maryland Metro region.
A stat-head’s outlook, direct from his worn in couch cushion.
Classical music and the performing arts: news and reviews you can use.
Covering the world of soccer, including the World Cup, Major League Soccer, D.C. United and the English Premier League and other interesting sporting events.
White House pets gone wild!