The oil industry is on the front line of an ongoing cyberwar, and China has been revealed as the latest combatant.
That’s the upshot of a white paper published today by McAfee, the anti-virus and digital security firm.
“Attackers using several locations in China have leveraged C&C servers on purchased hosted services in the United States and compromised servers in the Netherlands to wage attacks against global oil, gas, and petrochemical companies, as well as individuals and executives in Kazakhstan, Taiwan, Greece, and the United States to acquire proprietary and highly confidential information,” said McAfee.
“Well-coordinated, targeted attacks such as Night Dragon, orchestrated by a growing group of malicious attackers committed to their targets, are rapidly on the rise. These targets have now moved beyond the defense industrial base, government, and military computers to include global corporate and commercial targets,” the report adds.
“Files of interest focused on operational oil and gas field production systems and financial documents related to field exploration and bidding that were later copied from the compromised hosts or via extranet servers. In some cases, the files were copied to and downloaded from company Web servers by the attackers. In certain cases, the attackers collected data from supervisory control and data acquisition (SCADA) systems.”
The implications for the oil and gas industry are potentially serious: SCADA systems underpin the operation of almost all oil infrastructure and contain information which is potentiall extremely commercially and politically significant.
“We have identified the tools, techniques, and network activities used in these continuing attacks — which we have dubbed Night Dragon — as originating primarily in China,” said McAfee.
The full white paper is available here.