In the latest sign that corporate America’s sensitive documents are being targeted, a new study says Chinese hackers infiltrated the networks of five major energy companies to acquire proprietary and highly confidential information.
Security software maker McAfee (MFE) revealed the apparent cyber espionage acts in a report issued on Thursday, but did not identify which energy companies were victimized.
In the attacks, which McAfee code named “Night Dragon,” the hackers keyed in on highly-sensitive documents, focusing on operational oil and gas field production systems and financial documents related to field exploration and bidding.
“Well-coordinated, targeted attacks such as Night Dragon, orchestrated by a growing group of malicious attackers committed to their targets, are rapidly on the rise,” the McAfee report said. “These targets have now moved beyond the defense industrial base, government, and military computers to include global corporate and commercial targets.”
The attacks appear to have been ongoing since at least late 2009 and may have begun as early as 2007.
BP (BP), ExxonMobil (XOM) and other big oil companies declined to comment to The Wall Street Journal when asked if they had been the targets. Chevron (CVX) told the paper it isn’t aware of any successful hacks into its data by Night Dragon.
“It is vital that organizations work proactively toward protecting the heart of their value: intellectual property. Enterprises need to take action to discover these assets in their environments, assess their configurations for vulnerabilities, and protect them from misuse and attack,” the report concluded.
The Night Dragon report comes less than a week after Nasdaq OMX Group (NDAQ) acknowledged a confidential document-sharing service it runs had been hacked into. Some believe the attack was coordinated by a state like China or Russia.
Last year McAfee reached a $7.68 billion deal to be acquired by chip giant Intel (INTC).