Cyber Espionage Targets Major Global Energy Companies

The attacks have originated from China since late 2009, and they are not particularly sophisticated. But hacker forays dubbed “Night Dragon” have succeeded in breaking into private company networks and downloading “files of interest” from their web servers.

The news about the attacks broke last week with an announcement from McAfee, Inc., the anti-virus software firm. They named the attacks and assessed that their sophistication was far below the Stuxnet worm that was found infecting control system networks last year.

“Night Dragon sends another sobering message to the critical infrastructure community,” says this article in Automation World. “These people used comparatively low-tech methods to achieve their ends, and the target of their attack was susceptible to those low-tech attacks.”

“These attacks have involved social engineering, spearphishing attacks, exploitation of Microsoft Windows operating systems vulnerabilities, Microsoft Active Directory compromises, and the use of remote administration tools (RATs) in targeting and harvesting sensitive competitive proprietary operations and project-financing information with regard to oil and gas field bids and operations,” the article says.

To read the full article, click here: