Chinese Hack Global Oil Industry and Other Business; What Else Is New?

Last Updated Feb 10, 2011 2:19 PM EST

Chinese hackers have been busy stealing information from oil companies, according to security vendor McAfee (MFE). The attacks started in Nov. 2009 and continue to this day, using "an elaborate mix of hacking techniques including social engineering, spear-phishing, Windows exploits, Active Directory compromises, and the use of remote administration tools." And, according to the report, many other industries have been similarly targeted.

This isn't the first or last time that hacking has come out of China. In fact, among many industries, the country and even its government have a reputation for favoring domestic businesses and even outright stealing intellectual property. So why do corporations continue to line up to do business there? Because they assume that the potential reward will outweigh the risk to their foundational technologies and trade secrets. It's a big mistake.

According to McAfee, people based in China attacked global oil, gas, and petrochemical companies. But the activity goes far beyond one industry:
Our experience has shown that many other industries are currently vulnerable and are under continuous and persistent cyberespionage attacks of this type. More and more, these attacks focus not on using and abusing machines within the organizations being compromised, but rather on the theft of specific data and intellectual property.
To keep things in some perspective, McAfee makes its money selling security software and services and doesn't provide metrics that would show how widespread the problem might be. Below is a McAfee diagram that shows the basic structure of how the attacks occur:


Allegations of cyber attacks from China aren't new. Although there is no evidence at the moment to tie these attacks to the country's officials, allegations that China's government has used hacking to gain military intelligence from other countries aren't new. But more evidence has suggested the degree to which Western governments and businesses have begun to suspect elements in the country of undertaking electronic corporate espionage.

Some of the WikiLeaks cables have made clear a U.S. government view that Chinese officials are nearly obsessed with the threat that the Internet poses to their political power:
Extensive hacking operations suspected of originating in China, including one leveled at Google, are a central theme in the cables. The operations began earlier and were aimed at a wider array of American government and military data than generally known, including on the computers of United States diplomats involved in climate change talks with China.
Even when individuals in China, as opposed to the government, appear to be responsible for online attacks and information theft, you have to wonder how much of a ruse that might be. After all, the Chinese authorities have immense control over Internet traffic in the country and have shown themselves capable of finding hackers when they wished. In 2007, British security service MI5 warned that Chinese officials targeted banks, accounting firms, and law firms in attacks.

Over time, there's been a lot of evidence that companies risk their intellectual property when doing business in China. Now it seems that there's danger doing business anywhere. At least there's some consistency.


    Erik Sherman is a widely published writer and editor who also does select ghosting and corporate work. The views expressed in this column belong to Sherman and do not represent the views of CBS Interactive. Follow him on Twitter at @ErikSherman or on Facebook.
