BEIJING — Hackers operating from China stole sensitive information from Western oil companies, a U.S. security firm reported Thursday, adding to complaints about pervasive Internet crime traced to the country.
The report by McAfee Inc. did not identify the companies but said the "coordinated, covert and targeted" attacks began in November 2009 and targeted computers of oil and gas companies in the United States, Taiwan, Greece and Kazakhstan. It said the attackers stole information on operations, bidding for oil fields and financing.
"We have identified the tools, techniques, and network activities used in these continuing attacks — which we have dubbed Night Dragon — as originating primarily in China," said the report.
Yet the report did not offer evidence that the attacks were anything other than the standard flavor of corporate espionage that plagues businesses around the world, which the U.S. and China have both accused each other of being deeply involved in.
The fact that oil companies were targeted may speak more to the value of their inside information than any attempt to cause damage to pipelines. McAfee called the attack methods "unsophisticated," but said the culprits were patient: they may have been inside the networks for years.
"It looked to me like the traditional hack-to-steal-valuable-stuff," said Josh Shaul, vice president for product management at Application Security Inc., a New York-based database security software maker that wasn't involved in McAfee's research. Application Security counts energy companies, including oil firms, among its clients. "It all seemed to me like someone trying to get ahead in the oil industry rather than doing something more nefarious."
The intruders were prolific in their purloining, snatching files including configurations for the oil companies' control systems, but Dmitri Alperovitch, vice president for threat research at McAfee, said they didn't appear to be trying to figure out how to blow up a pipeline or destroy equipment.