The report, which named the attacks ‘Night Dragon’, declined to identify the five known companies that had been hacked and said that another seven or so had also been broken into but could not be identified.
"It ... speaks to quite a sad state of our critical infrastructure security. These were not sophisticated attacks ... yet they were very successful in achieving their goals," said Dmitri Alperovitch, McAfee's vice president for threat research.
The hackers got into the computers in one of two ways, either through their public websites or through infected emails sent to company executives.
During the at least two years -- and up to four years -- the hackers had access to the computer networks, they focused on financial documents related to oil and gas field exploration and bidding contracts, said Alperovitch. They also copied proprietary industrial processes.
"That information is tremendously sensitive and would be worth a huge amount of money to competitors," said Alperovitch.
The hack was traced back to China via a server leasing company in Shandong Province that hosted the malware (another term for malicious software) and to Beijing IP addresses that were active from 9 a.m. to 5 p.m. Beijing time (0100-0900 GMT). McAfee's report did not identify who was behind the hacking.
"We have no evidence that this is government sponsored in any way," said Alperovitch. McAfee provided the data to the Federal Bureau of Investigation, which did not respond to requests for comment.
"This is normal business practice in China. It's not always state sponsored. And they do it to each other," said Jim Lewis, a cyber expert with the Center for Strategic and International Studies think tank. Asked if Beijing normally agreed to arrest hackers, Lewis responded: "It's not impossible, but it hasn't happened very often."
The Chinese government often says their country is also a victim of hacking. But Foreign Ministry spokesman Ma Zhaoxu told reporters at a regular press briefing on Thursday in Beijing that he was unaware of this case. "I really have no grasp of this situation, but we frequently hear about these types of reports," Ma said.
Western governments and companies have been concerned about corporate espionage based in China for a long time. "We are aware of these types of threats, but we can't comment specifically about what's in the Night Dragon report," said FBI spokeswoman Jenny Shearer. Washington believes that hacking attacks on Google that briefly prompted the company to pull out of China were orchestrated by two members of the country's ruling body, according to U.S. diplomatic cables released by Wikileaks. As I blogged about not long ago, the French government is also looking into a possible Chinese role in spying on carmaker Renault SA's and Nissan's electric vehicle program.
In 2007, a Chinese student working at car parts maker Valeo was sentenced to prison for obtaining confidential documents from the automaker. A French tribunal stopped short of an industrial espionage verdict, instead finding that she had "abused trust." The French are good at investigating, but not much on acting….
Live Long and Prosper...