Chinese hackers steal files from SCADA maker

Powered by SC Magazine
 

Military connection suspected.

Chinese attackers have allegedly hacked and stolen data from the systems of global energy equipment supplier Telvent.

The company, part of French conglomerate Schneider Electric, alerted its customers to a breach of its internal firewall and security systems this month, which it said had led to the project files for one of its most important products being stolen by the hackers.

In a letter sent to Telvent customers, and obtained by noted security commentator Brian Krebs, the company said it was still investigating the issue.

It had "established new procedures to be followed" until the company could remove any vulnerabilities or remaining malware from the attack.

Telvent, which has around 6000 employees in 19 countries around the world, makes supervisory control and data acquisition (SCADA) systems used to secure and manage critical infrastructure for energy companies.

Project files related to Telvent's key product, the OASys SCADA, were stolen in the intrusion.

The system is used to manage smart grid implementations as well as for oil and gas pipeline telemetry and monitoring systems.

A second letter from Telvent to customers affected by the breach listed some of the malware files and domain names and IP addresses used for control and command.

According to Dell Secureworks malware researcher Joe Stewart, the digital fingerprints left behind by the attackers point to a Chinese hacking team known as the "Comment Group". 

The "Comment Group" has been dubbed "Byzantine Candour" by US intelligence for its use of HTML comments. It is thought to be connected to China's People's Liberation Army.

The group rose to prominence in 2008 after hacking the presidential campaigns of Barack Obama and John McCain, in the large-scale Operation Shady Rat attack.

Several western organisations in Europe and North America were infiltrated in an attack by the Comment Group in July this year, Bloomberg reported.

Organisations in that attack included defence contractor Halliburton, law firms, government departments, and companies involved in the energy sector.

Emails from European Union president, Herman van Rompuy, were also copied, and 11 officials had their internal communications intercepted as the hackers accessed the EU computers four times.

Last year, the Comment Group also managed to break into the Diablo Canyon nuclear power plant in California. It stole a mailing list with the addresses of subscribers to a nuclear management newsletter and proceeded to send them emails laden with spyware.

Copyright © iTnews.com.au . All rights reserved.

