"Night Dragon" stalks big oil

According to a new report by McAfee (pdf):
"Attackers using several locations in China have [waged] attacks against global oil, gas, and petrochemical companies, as well as individuals and executives in Kazakhstan, Taiwan, Greece, and the US to acquire proprietary and highly confidential information."
These attacks (nicknamed "Night Dragon" by McAfee analysts) include social engineering, shrink-wrapped toolkits, and a handful of IE exploits. Hackers have been able to access sensitive data, both business-related and personal.

McAfee is calling 2010 a watershed year for computer security, at which hacking evolved from dangerous nuisance (e.g., Code Red, Sasser, Conficker) to genuine threat (e.g., Stuxnet). For a long time, hacking was brushed off as vandalism and petty crime. As critical systems discover the magnitude of their vulnerability, computing security is rapidly becoming part of national security.

No comments: