Hackers in China rifled oil firms’ files
Analysts deem it industry spying
BEIJING — Hackers operating from China stole sensitive information from Western oil companies, a US security firm reported yesterday, adding to complaints about pervasive Internet crime traced to the country.
The report by
“We have identified the tools, techniques, and network activities used in these continuing attacks — which we have dubbed Night Dragon — as originating primarily in China,’’ said the report.
Yet the report did not offer evidence that the attacks were anything other than the standard flavor of corporate espionage that plagues businesses around the world and in which the United States and China have both accused each other of being deeply involved.
The fact that oil companies were targeted may speak more to the value of their inside information than any attempt to cause damage to pipelines. McAfee called the attack methods unsophisticated but said the culprits were patient. They may have been inside the networks for years.
“It looked to me like the traditional hack to steal valuable stuff,’’ said Josh Shaul, vice president of product management at Application Security Inc., a New York-based database security software maker that wasn’t involved in McAfee’s research. Application Security counts energy companies, including oil firms, among its clients. “It all seemed to me like someone trying to get ahead in the oil industry rather than doing something more nefarious.’’
The intruders were prolific in their purloining, snatching files including configurations for the oil companies’ control systems, but Dmitri Alperovitch, vice president of threat research for McAfee, said they did not appear to be trying to figure out how to blow up a pipeline or destroy equipment.
“I got a very strong sense that was not their goal,’’ he said. “They expressed a much stronger interest in financial information.’’
The Chinese government has denied it is involved.