Chinese hackers target oil companies

According to security software maker McAfee the attacks started in November 2009.

In a report McAfee said: "We have identified the tools, techniques, and network activities used in these continuing attacks, which we have dubbed Night Dragon, as originating primarily in China."

McAfee said the attacks also targeted individuals and executives of oil companies to acquire proprietary and highly confidential information.

William Beer at OneSecurity PwC, said traditional defenses are simply not working. "Hackers were able to use advanced methods and techniques to penetrate what surely were well protected security systems and steal sensitive data, posing many risks like competitive disadvantage and damage to reputation, not to mention financial loss.

"The cost to oil, gas and petrochemical companies of this size could be huge, but important lessons can be learned to fend off further attacks. More investment and focus, as well as support and awareness of the security function, is required from business leaders. Across companies of any size and industry, investment in security measures pays for itself many times over."

According to US diplomatic files obtained and published by WikiLeaks, the US believes that China's leadership directed the hacking campaign into computers of Google and Western governments.

This article was first published by Computer Weekly

What’s hot on Infosecurity Magazine?