Night Dragon hackers targeted Shell, BP and Exxon


Phil Muncaster

V3.co.uk, 24 Feb 2011

The Night Dragon hacking attacks uncovered by security vendor McAfee were targeted at some of the world’s largest petrochemical companies, including Shell, Exxon Mobil and BP, according to new reports.

A Bloomberg report citing “one of the companies and investigators who declined to be identified” said that the list of targeted companies also included Marathon Oil, ConocoPhillips and Baker Hughes.

Legal and financial information on the companies’ deals appear to have been the main targets for the hackers, the report added.

The revelations cast new doubt on the state of information security systems in large global companies.

The Night Dragon attacks, which could date back as far as four years, originated in China, according to McAfee.

The attacks used methodical but far from sophisticated hacking techniques, including SQL injection, password hacking and remote access Trojans, according to McAfee’s European director of security strategy, Greg Day.

“Why is it only now coming to light? Well, the environments and security controls these days are so complex it is very easy for them to slip under the radar of visibility,” he said at the time.

“Only really in the last few weeks have we been able to get enough intelligence together to join the dots up, so our goal now is to make the public aware.”

Companies suspecting that they may have been targeted are urged to look through anti-virus and network traffic logs to see whether systems have been compromised.

Leave a Reply

Fill in your details below or click an icon to log in:

WordPress.com Logo

You are commenting using your WordPress.com account. Log Out /  Change )

Google photo

You are commenting using your Google account. Log Out /  Change )

Twitter picture

You are commenting using your Twitter account. Log Out /  Change )

Facebook photo

You are commenting using your Facebook account. Log Out /  Change )

Connecting to %s

This site uses Akismet to reduce spam. Learn how your comment data is processed.

Blog at WordPress.com.

Up ↑

%d bloggers like this: