Computer hackers working through Chinese Internet servers stole proprietary information from six U.S. and European energy companies -- Exxon Mobil Corp., Royal Dutch Shell PLC, BP PLC, Marathon Oil Corp., ConocoPhillips and Baker Hughes Inc. -- according to one of the companies and investigators.
News of the breach was released in a Feb. 10 report by cybersecurity firm McAfee Inc., which said the hackers stole "project-financing information with regard to oil and gas field bids and operations." The report did not name the companies.
"Legal information, information on deals and financial information are all things that appear to be getting targeted," said Greg Hoglund, CEO of Sacramento, Calif.-based HBGary Inc., a cybersecurity company that investigated some of the breaches and contributed to the report. "This is straight-up industrial espionage."
The McAfee report described the hacking techniques as "unsophisticated" and as commonly used by Chinese hackers. Joel Brenner, who tracked spying efforts against U.S. companies during his former job as head of U.S. counterintelligence during the Bush and Obama administrations, said the thefts described by the McAfee report match the profile of industrial espionage operations that have the backing or consent of the Chinese government.
"The Chinese are on the hunt for natural resources to fuel this massive economic leap forward," Brenner said.
None of the companies disclosed the thefts to investors, which could be a legal liability.
"To the extent that there aren't adequate procedures in place to protect the companies' crown jewels and somebody gets the key to the jewelry box, there is certainly potential for shareholder derivative liability," said Blair Nicholas, a San Diego-based partner at law firm Bernstein Litowitz Berger and Grossman.
A judge might construe such information as a "material" fact that should have been disclosed, Nicholas said.
Baker Hughes is the only company of the six hacked to confirm the attack. Gary Flaharty, spokesman for advanced drilling technology company, confirmed that its network had been hacked but said the company concluded the incident did not need to be disclosed because it was not material to investors (Michael Riley, Bloomberg/Fuel Fix, Feb. 24). -- AS