Status of Chinese People

About China and Chinese people's living condition

  • China Organ Harvesting Report, in 19 languages

  • Torture methods used by China police

  • Censorship

  • Massive protests & riots in China

  • Top 9 Posts (In 48 hours)

  • All Topics

  • Books to Read

    1. A China More Just, Gao Zhisheng
    2.Officially Sanctioned Crime in China, He Qinglian
    3.
    Will the Boat Sink the Water? Chen Guidi, Wu Chuntao
    4.
    Losing the New China, Ethan Gutmann
    5.
    Nine Commentaries on The Communist Party, the Epochtimes
  • Did you know

    Reporters Without Borders said in it’s 2005 special report titled “Xinhua: the world’s biggest propaganda agency”, that “Xinhua remains the voice of the sole party”, “particularly during the SARS epidemic, Xinhua has for last few months been putting out news reports embarrassing to the government, but they are designed to fool the international community, since they are not published in Chinese.”
  • RSS Feeds for Category

    Organ Harvesting

    Human Rights

    Made in China

    Food

    Health

    Environment

    Protest

    Law

    Politics

    Feed address for any specific category is Category address followed by 'Feed/'.

  • Enter your email address to subscribe to this blog and receive notifications of new posts by email.

    Join 223 other followers

Chinese Hackers Targeted a Dozen Oil Companies in U.S. Kazakhstan, Taiwan, and Greece: McAfee

Posted by Author on February 10, 2011

By Sara Yin, PC Magazine, Feb. 10, 2010-

Highly skilled hackers in China have been stealing information from Western oil and gas companies since at least November 2009, according to a white paper from McAfee.

The cybercriminals compromised servers in the United States and Netherlands to infiltrate oil, gas, and petrochemical companies in the United States, Kazakhstan, Taiwan, and Greece. Roughly a dozen companies were penetrated, with five firms confirming the attacks, the report said.

McAfee has nicknamed the coordinated attacks “Night Dragon” for its Chinese origins.
“Well-coordinated, targeted attacks such as Night Dragon, orchestrated by a growing group of malicious attackers committed to their targets, are rapidly on the rise,” wrote McAfee’s global CTO, George Kurtz, in a blog post. “These targets have now moved beyond the defense industrial base, government, and military computers to include global corporate and commercial targets.”

The attacks came from several locations in China and most were carried out during weekday office hours, implying the hackers are fully employed office workers rather than amateurs.

The attacks involved a combination of social engineering, exploitation of Microsoft Windows vulnerabilities, Microsoft Active Directory compromises, and the use of remote administration tools (RATs) to successfully obtain information on the operations and financing of oil and gas fields, the report said.

First the hackers broke into servers by injecting a malicious code in Structured Query Language (SQL), the computer language used for large-scale databases (read about how a hacker used SQL injection to steal credit card information in the biggest online theft case in U.S. history.) Then they sent bogus e-mails to dupe recipients using employee laptops into submitting confidential information, a social engineering technique known as spear-phishing. The hackers also compromised corporate VPN accounts to reach the company’s defense architecture.

Finally, the hackers were able to use privately developed remote administration tools (RATs), which mimic the functions of Citrix and Microsoft Windows, to control infiltrated systems.

On numerous occassions China has been accused of hacking into Western IT systems. While Western governments usually report the security breaches, affected companies are more likely to try to cover up an infiltration, the report says.

Last December, a U.S. State Department cable exposed by WikiLeaks claimed that the Chinese Politburo had ordered the cyberattacks on Google.

PC Magazine

Sorry, the comment form is closed at this time.