Hackers believed to be in China launched “covert cyberattacks” against at least five global oil and energy companies, according to a report by cybersecurity firm McAfee.
The online attacks, dubbed “Night Dragon,” were designed to compromise oil and gas field production systems and to steal sensitive corporate financial documents, financial data and e-mails pertaining to operations and contract bids, according to the “Global Energy Cyberattacks: “Night Dragon” report issued last night (Feb. 9).
“This information is highly sensitive and can make or break multibillion dollar deals in this extremely competitive industry,” wrote McAfee chief technology officer George Kurtz.
McAfee did not identify the targeted companies.
The attacks employed “an elaborate mix of hacking techniques,” including spear-phishing, social engineering and Windows exploits. The espionage campaign is believed to have begun in November 2009, and McAfee said it is still occurring.
In its analysis of the tools and techniques of the Night Dragon attacks, McAfee believes they were deployed from cybercriminals based in China.
Highly orchestrated and specific attacks such as Night Dragon – as well as last year’s Stuxnet attack, which targeted an Iranian power plant, and Operation Aurora hackers, who went after Google — are “rapidly on the rise,” Kurtz warned.
“It is vital that organizations work proactively toward protecting the very lifeblood of many organizations: their intellectual property,” Kurtz said.
- For Sale By Hacker: Government, Military and Educational Sites
- U.S. Reporter May Have Been Chinese Cyberpawn
- Security and Privacy Software Reviews