This week, security firm Symantec reported that Russian and Chinese hackers have been sneaking malware into the computers of some of the biggest Western oil and gas companiesâ€”just the latest in the ongoing cyber war between Russia and the West. The highly-sophisticated hacker attacks, notable for their precision, timing and planning, targeted mainly power grid operations, power plants, industrial equipment makers and gas line companies in the United States and Spain, with a few other companies in Europe hit by the attacks as well.
“We haven’t seen anything at this scale with industrial control systems,” said Kevin Haley, Symantec’s director of security. The full scale of the cyberattackâ€™s reach has yet to be assessed, but it is certain that the hackers were able to gain access to sensitive documents, trade secrets, usernames and passwordsâ€”the worst case scenario being the possibility that they can completely manipulate the controls from their remote locations, disrupting national energy distribution or shutting it down completely. An additional problem that the attack created is the issue of economic competition regarding information on energy reservesâ€”the locations of newly-discovered sites for oil and natural gasâ€”which may see a frantic race to drill before the companies with that knowledge.
Operation Energetic Bear
The cyber attack, nicknamed by the tech world as Operation Energetic Bear, is just the most recent of online attacks against Western firms from intellectual property thieves in Russia and China. Security company Crowdstrike thinks that there is a connection between these Russian hackers and the countryâ€™s intelligence agency, possibly instigated by the countryâ€™s state-owned energy companies such as Rosneft and Gazprom. “The Russians are engaged in aggressive economic and political espionage,” said Crowdstrike co-founder Dmitri Alperovitch. Both the Russian embassy and representatives for Gazprom and Rosneft ignored requests for comments on Energetic Bear
Energetic Bearâ€™s reach was not limited to its main target of the Western energy sector: healthcare providers, defense contractors, manufacturers, and even universities doing research on nuclear energy in Europe and the United States were also affected by the hackersâ€™ malware, prompting questions as to how far the next attack will go, and if Western cyberintelligence efforts will be enough to repel any future incursionsâ€”which may have vast repercussions on economic and sociopolitical development, as well as strain diplomatic relations.