Possible connection with Operation Aurora

Jan 27, 2010 15:41 GMT

The Christian Science Monitor reports that in the last half of 2008, several oil companies fell victim to highly sophisticated malware attacks, aimed at stealing valuable oil exploration data. The incidents bear a striking resemblance to the attacks that targeted Google, Adobe and a series of other companies.

The alleged attacks investigated by The Christian Science Monitor affected Marathon Oil, ExxonMobil, and ConocoPhillips. These Texas-based corporations are involved in oil exploration and conduct worldwide operations.

Federal authorities apparently contacted the oil companies in late 2008 and early 2009 to inform them that sensitive information had been systematically stolen from their corporate networks. This information included login credentials and internal memos but, most importantly, exploration “bid data,” which details oil deposits and is highly valuable.

The attacks appear to have targeted employees in key positions within the companies. Well-crafted rogue e-mails masqueraded as messages from senior executives, and the malware used was customized specifically for these attacks and had very low antivirus detection rates.

The oil companies have declined to comment on or confirm the incidents, but in one case, the threat might be internally referred to as the China virus. "What these guys don’t realize, because nobody tells them, is that a major foreign intelligence agency has taken control of major portions of their network. You can’t get rid of this attacker very easily. It doesn’t work like a normal virus. We’ve never seen anything this clever, this tenacious," a source familiar with one of the investigations told the CSM.

Earlier this month, Google revealed that its network was attacked by hackers from China looking to steal source code and access the Gmail accounts of human rights activists. The attack, which is also known as Operation Aurora, prompted the Internet giant to threaten to pull out of the Chinese market and stop censoring results on its google.cn website.

Other large companies such as Adobe Systems, Juniper Systems and Rackspace were targeted by Operation Aurora, along with many unnamed organizations. The government in Beijing denied any accusations that it might have sponsored the attacks.