*Planetary disarray seems to be making the Chinese bolder. They hit the top of the
American political food-chain by spying on oil companies. via SANS
****************************************************************************
TOP OF THE NEWS
–Cyber Attack Targeted Multinational Oil and Gas Companies
(February 10, 2011)
A report from McAfee says that at least five large oil and gas companies
were targeted by a series of cyber attacks it has dubbed "Night Dragon."
"The motive of the attacks appear to be corporate espionage and are
similar to the attacks launched against Google in 2009, though not as
sophisticated. The cyber intruders appear to be operating from within
China. They established control servers in the US and the Netherlands
and used them to help gain access to computer systems in Kazakhstan,
Taiwan, Greece and the US.
The attacks appeared to be attempting to
gather information about gas and oil field production systems,
financial documents related to field exploration, oil and gas lease bids
and industrial control systems. McAfee says it has fixed the
vulnerabilities at the companies, but will not identify them in
accordance with non-disclosure agreements signed prior to the work. The
attacks date back to at least late 2009 and may have started as long as
four years ago.
There is evidence that seven additional energy
companies were also targeted by the attacks. The Christian Science
Monitor reported a year ago that Marathon Oil, ExxonMobil and
ConocoPhillips suffered breaches that compromised bid data; the cyber
attacks occurred in 2008, but the companies did not become aware of them
until the FBI contacted them in 2008 and 2009 to let them know that
sensitive company information has been flowing out of their systems.
http://www.nytimes.com/2011/02/10/business/global/10hack.html
http://www.scmagazineuk.com/mcafee-cto-warns-of-new-combined-threat-named-night-dragon/article/196043/
http://latimesblogs.latimes.com/technology/2011/02/chinese-hackers-targeted-oil-companies-in-cyberattack-mcafee-says.html
http://news.cnet.com/8301-30685_3-20031291-264.html
http://www.theregister.co.uk/2011/02/10/night_dragon_cyberespionage/
Christian Science monitor story from January 2010:
http://www.csmonitor.com/USA/2010/0125/US-oil-industry-hit-by-cyberattacks-Was-China-involved
[Editor's Note (Schultz): The fact that organizations, including
organizations that have claimed to have implemented so-called "best
practices," are often terribly slow in detecting major, sustained
attacks against them never ceases to amaze me.]
*And this one's fantastic. A Chinese femme fatale posing as an Australian seduced
a top Taiwanese electronic warfare general. She had him in a honeytrap for eight
years, apparently.
http://www.theaustralian.com.au/news/world/taiwan-general-lured-by-spy/story-e6frg6so-1226004631268
A CHINESE woman spy with an Australian passport, aged about 30, recruited a major-general in Taiwan to become an agent for China, it was revealed yesterday.
Lo Hsien-che, the most senior Taiwanese military figure to be charged with spying for China in 50 years, was head of communications and electronic information before his arrest.
China Times said General Lo, now 51, was stationed in Thailand from 2002-05, leaving his family behind in Taiwan. "He was enamoured by this slender woman, who travelled frequently between Thailand, China and the US under the cover of being a trader."
The woman was described in Taiwan as tall, beautiful and fashionably dressed. Her name has not been revealed. (((Oh why not, for heaven's sake.)))
General Lo, who is from a military family, is said to have received up to $US200,000 ($200,233) for each substantial disclosure. He now faces execution or life imprisonment. (...)
General Lo was responsible for the army's participation in the Po Sheng project: building an electronic warfare system to co-ordinate Taiwan's military forces and enable intelligence-sharing with the US Pacific Command.
A retired Taiwanese general said that if General Lo had given warfare codes to China, the repercussions would be massive.
