Hackers have used a range of techniques in a dedicated attack against global energy companies, a report has indicated.
An unnamed selection of oil, energy and petrochemical firms have been targeted by cyber criminals in attacks that may have started as long ago as 2007, McAfee said.
Under the so-called Night Dragon operation, the attacks appeared to have been coordinated from a central point, the recently-acquired security firm claimed.
The hackers probed the companies for inside information, such as oil and gas production data, potential areas where the multinationals were looking to work and schematics on how systems worked.
McAfee could not reveal any of the specific details about the firms involved, but noted law enforcement had been brought in to investigate.
Whilst the seemingly coordinated attack has been going on for some time, McAfee was only able to "join the dots" together in recent weeks, said Greg Day, director of security strategy at McAfee.
"For us visibility has only happened in the last week or so, and I would suspect law enforcement may have only happened once they had a bigger understanding of the problem," Day told IT PRO.
Chinese involvement?
There were a number of indicators that the hackers were from China, although these were not guarantees, Day said.
Firstly, the individual responsible for providing the command and control centre infrastructure was located in the Shandong Province.
McAfee also discovered all of the identified data theft activity occurred from Beijing-based IP addresses and was carried out within the victim companies on weekdays between 09:00 and 17:00 Beijing time.
Furthermore, the hacking tools used in the attacks were of Chinese origin and can be bought together on Chinese underground hacking forums.
Part of the password string to get to the remote access control service contained the word China' in it as well, but this could just be a red herring, Day said.
"What seems very evident to us is that they weren't being very careful about covering up their tracks," he added.
"You have to question whether that was an intentional thing or was that accidental."
Whilst it seems the attacks were the doing of a centrally-organised body, members could have been spread across the globe, Day said.
-
Should AI PCs be part of your next hardware refresh?AI PCs are fast becoming a business staple and a surefire way to future-proof your business
-
Westcon-Comstor and Vectra AI launch brace of new channel initiativesNews Westcon-Comstor and Vectra AI have announced the launch of two new channel growth initiatives focused on the managed security service provider (MSSP) space and AWS Marketplace.
-
McAfee and Visa offer 50% off antivirus subscriptions for small businessesNews UK Visa Classic Business card holders can access the deal starting today
-
McAfee Total Protection review: Expensive at full priceReviews Protects your PC and includes a decent firewall, but costly and less effective than some rivals
-
McAfee Total Protection review: Quick, effective and affordableReviews A solid security choice, with perfect malware protection, a fully functional VPN and more
-
McAfee’s zero trust solution strengthens private applications’ securityNews MVISION Private Access grants secure access to private resources from any device or location
-
PowerShell threats increased over 200% last yearNews A new McAfee report finds PowerShell attacks driven largely by Donoff malware.
-
McAfee to sell enterprise business to STG for £2.8 billion
News The enterprise business will be rebranded, with McAfee focusing on personal security
-
Has the US government finally nabbed John McAfee?News Official Twitter account claims notorious tech tycoon has been “detained by authorities”
-
John McAfee ordered to pay $25 million over neighbour's murderNews Controversial figure insists that he will not pay
