‘Night Dragon’ stalks world’s oil firms
‘Electronic Pearl Harbor’ is a common refrain in U.S. intelligence circles — the hypothetical scenario in which a catastrophic attack on key U. S. economic interests in cyberspace, including energy and power infrastructure, that could cripple the U.S. economy.
However, the computer worm Stuxnet targeting Iranian nuclear facilities in 2010 shows that cyberattacks pose real dangers.
“Stuxnet is regarded as one of the most sophisticated, publicly known cyberattacks to date,” says a report by the James Baker III Institute for Public Policy of Rice University. “It should send a clear message that most critical infrastructure is vulnerable to cyberattack.”
In a white paper, anti-virus software company McAfee Inc. also highlighted the Night Dragon attack — co-ordinated covert and targeted cyberattacks that were conducted against global oil firms in 2009.
“Attackers using several locations in China have leveraged command and control servers on purchased hosted services in the United States and compromised servers in the Netherlands to wage attacks against global oil, gas, and petrochemical companies, as well as individuals and executives in Kazakhstan, Taiwan, Greece and the United States to acquire proprietary and highly confidential information,” the white paper says.
Clearly, well co-ordinated, targeted attacks such as Night Dragon, orchestrated by a growing group of malicious attackers committed to their targets, are rapidly on the rise, McAfee said. “These targets have now moved beyond the defense industrial base, government, and military computers to include global corporate and commercial targets.”