A new report from computer security firm McAfee has identified five multinational oil and gas companies, whose networks were broken into by Chinese hackers, most probably with an intention to steal bidding plans and other important proprietary information.
Apart from the identified companies, which were, however, not named, around seven other companies also seem to have been under attack but could not be identified with certainty. The report traces the attacks to Beijing IP addresses operational during 9 a.m. to 5 p.m. local time via a server leasing company in Shandong Province that hosted the malicious software.
The attacks, collectively labeled Night Dragon, were reportedly not the most sophisticated among hacking attempts but nevertheless managed to attain their end. Accessing the computer systems of targets either through infected emails sent to employees or their public websites, the infiltrators continued to extract financial documents related to oil and gas field exploration, bidding contracts, and copied proprietary industrial processes over a sustained period of two to four years.
Speaking to Reuters, Dmitri Alperovitch, McAfee's vice president for threat research said, That information is tremendously sensitive and would be worth a huge amount of money to competitors.
However, till now, there have been no pointers towards any state involvement and the primary motive appears to be corporate espionage. Reuters also quotes Jim Lewis, a cyber expert with the Center for Strategic and International Studies think tank as saying that such spying is part of normal business practice in China and that local firms, too, often indulge in the same against each other. The state has not been known to be particularly aggressive either in bringing the offenders to task in cases noted so far.