“Night Dragon” An Attack on our Energy Infrastructure

Published on February 12, 2011 By DrJBHL In Personal Computing

Last week, McAfee reported attacks on our energy companies of a sophisticated nature.

They originated in China, however it could not be determined whether they came from a governmental, corporate or criminal entity.

Security researchers at McAfee have sounded an alarm for what is described as “coordinated covert and targeted cyberattacks” against global oil, energy, and petrochemical companies.
McAfee said the attacks began November 2009 and combined several techniques — social engineering, spear phishing and vulnerability exploits — to load custom RATs (remote administration tools) on hijacked machines.

As with the e-mail messages used in regular phishing expeditions, spear phishing messages appear to come from a trusted source. Phishing messages usually appear to come from a large and well-known company or Web site with a broad membership base, such as eBay or PayPal.

In the case of spear phishing, however, the apparent source of the e-mail is likely to be an individual within the recipient's own company and generally someone in a position of authority.

According to an article in the New York Times, spear phishing attempts are not typically initiated by "random hackers" but are more likely to be conducted by "sophisticated groups out for financial gain, trade secrets or military information."

This is a very brief summary of the (nineteen page) McAfee White Paper found HERE:

"1. Company extranet web servers compromised through SQL-injection techniques, allowing remote command execution.
2. Commonly available hacker tools are uploaded on compromised web servers, allowing attackers to pivot into the company’s intranet and giving them access to sensitive desktops and servers internally.
3. Using password cracking and pass-the-hash tools, attackers gain additional usernames and passwords, allowing them to obtain further authenticated access to sensitive internal desktops and servers."

Initially using the company’s compromised web servers as command and control (C&C) servers, the attackers discovered that they needed only to disable Microsoft Internet Explorer (IE) proxy settings to allow direct communication from infected machines to the Internet.
Using the RAT malware, they proceeded to connect to other machines (targeting executives) and extracting email archives and other sensitive documents.

Source: http://tinyurl.com/2v67fy7

Comments (Page 5)

myfist0

on Feb 18, 2011

I'm not normally a violent person, but sometimes I think the world would be better off if there were more political and corporate assassinations to show the bastards that we the people don't like their shit and will no longer tolerate it.

starkers

on Feb 18, 2011

I Still feel as though he's an ingrate, at best. What does he care what the motive was as long as he's free?

Like I said, he was grateful to the troops who liberated he and his family... his gripe was more that the US historically often butts in where it is neither wanted or welcome, and usually because there is something in it for them. Anyway, I guess one has to have been offended in some way to understand the sentiment... and being a foreign national who has a personal tragedy/grievance and living outside the United States would also help.

I also think that it isn't necessary to become a Robespierre to correct the abuses of royalty. It requires steady, unrelenting effort on the law makers and regulatory investigators to bring about reform.

That is all well and good, in theory, but when the lawmakers are bought men [and women] reform is quite tardy at best.

Again, I'm guessing that it takes a few kicks in the guts from the upper echelon and elite to fully appreciate the sentiment.

I had a large corporation [Woolworths] shit on me because I wouldn't toe the line with regard to slimy business practices [I refused to change the "use by" labels on meat packages] to save money. I also refused to turn off the fridges and freezers when I locked up the store after supervising the 'night fill'... stocking the shelves. Had I done so [to save money] it would have raised food temps above acceptable levels and put the buying public at risk, but they fired me nevertheless and I lost a lot of money in wages, holiday pay and other entitlements because they deemed I was in dereliction of my duties and insubordinate.

I also saw my 75 y/o mother get evicted from her home of 40 years because the corporate body [gov't housing] decided to jack up her rent by 25% for additional income they deemed she received after being recently widowed. The thing is, she was actually receiving less money and couldn't pay the rent rise, but that didn't matter to them, they evicted her anyway.

So you see, there are reasons for my impatience and intolerance of government and corporations.

scratchthepitch

on Feb 19, 2011

starkers

reply 51

Meanwhile, those souls who still fret the night away worrying about the Chiacoms under the bed, there is a solution. It's quite painless, too. Attach small pictures of Milton Friedman and Leo Strauss to the skirts on your bed:
I have a Chiacom motion detector under my bed.... and if one [or several] dared to hide under my bed, it sets off an alarm that plays Lucille Ball's whiny ass voice at 98 decibels. And for the foot locker at the end of the bed where I hide all my 'toys', there's a siren that if the lid is opened by a Chiacom it plays the sound of machine gun fire in D Flat.

I pretty much got the house covered, but I need to do something about the garden shed. I mean, wouldn't want 'em hiding in there, would I? S'pose I could always install a Chiacom motion sensor that sets of a recording of excerpts of Charlie Chan's voice. Now that phony Chiacom accent would have to really piss 'em off and ensuing sounds of discontent would alert the authorities to their location.

Sounds like you took that esteemed Boy Scout motto seriously. One further observation. The garage. Have you considered the route open to the dedicated Chiacom there? Back in the days I soiled my hands doing manual labor, I went to change the oil on my Ford (buy more Fords, they make America strong and provide extensive employment for auto mechanics) and found a flattened, genetically modified Chiacom infiltrator hiding under the cardboard sheet which I used to keep my garage floor clean (home resale value depends upon clean and waxed garage floors, according to my Brooklyn born and raised business adviser). I quickly called in the Homeland Security experts.

coreimpulse

on Feb 19, 2011

duh, havent you people played fallout 3? Get a big super robot to bring them down. If that doesnt work, get people into the VR chamber where they'll enjoy the bliss of a happy american suburban afternoon while the country gets invaded by chinese commandos.

starkers

on Feb 19, 2011

found a flattened, genetically modified Chiacom infiltrator hiding under the cardboard sheet which I used to keep my garage floor clean (home resale value depends upon clean and waxed garage floors, according to my Brooklyn born and raised business adviser). I quickly called in the Homeland Security experts.

I'm just a bit worried about the genetically engineered Chiacoms who can disguise themselves as various household pets. Yup, I hear they listen in on and record everything, which could be very embarrassing and leave you open to blackmail if you don't want the neighbours to know what you do behind closed doors

Uvah

on Feb 19, 2011

So that's what the smiley on the wall is doing. Quick. Get 'em before he gets away.

DrJBHL

on Feb 19, 2011

Hi guys! Glad you're enjoying, but could I make a good natured suggestion?

Why not start a "Let's Have Fun!" thread instead of doing it here? Thanks.

starkers

on Feb 19, 2011

Hi guys! Glad you're enjoying, but could I make a good natured suggestion?

Why not start a "Let's Have Fun!" thread instead of doing it here? Thanks.

Okay bud, we'll sod off and play silly buggers someplace else.... in a good natured sort of a way.

For my part, however, I am sorry about the off-topic antics....

Welcome Guest! Please take the time to register with us.
There are many great features available to you once you register, including:

Richer content, access to many features that are disabled for guests like commenting on the forums.
Access to a great community, with a massive database of many, many areas of interest.
Access to contests & subscription offers like exclusive emails.
It's simple, and FREE!