The world’s energy companies are under a concerted cyber-attack from China, dubbed Night Dragon, which is taking control of internal servers for industrial espionage, according to security firm McAfee.
The attacks, which started in November 2009, use social engineering, spearphishing attacks and Microsoft Windows operating system vulnerabilities, as well as remote administration tools (RATs), to harvest competitive information on issues such as oil and gas field bids and operations, according to a white paper released today by McAfee.
The attacks use “standard host administration techniques that utilize administrative credentials,” said Kurtz. “This is largely why they are able to evade detection by standard security software and network policies.”
However, McAfee has correlated the effects and reckons there is a concerted effort, and has updated signatures to look for Night Dragon. “We can now associate the various signatures that we have seen in these attacks to this particular event called Night Dragon,” said Kurtz.
Once one system has been compromised, the attackers use conventional administration tools and RATs such as Gh0st and zwShell to exploit that machine, distribute Trojans, and download account hashes from which passwords can eventually be extracted with tools like Cain & Abel.
McAfee has confirmed five large companies which are victims of Night Dragon attacks, and estimates up to a dozen companies are affected – but is not free to name the victims.
McAfee’s report describes espionage, rather than cyber-war, but lends weight to fears of concerted attacks, which have been expressed by the OECD, by Defence Minister Nick Harvey, and by the boss of the government snooping station GCHQ.
McAfee will talk more about the attack at the RSA conference in San Francisco.