
Tuesday, January 26, 2010

Corporate espionage in the news: Hilton and the Oil industry

Is anyone calling espionage by means of computers cyber-espionage yet? I hope not. At least they shouldn't call it cyber war.

Two news stories of computerized espionage reached me today.

The first, regarding the oil industry, was sent by Marc Sachs to a SCADA security mailing list we both read. The second, about the hotel industry, was sent by Deb Geisler to a science fiction convention runners (SMOFS) mailing list we both read.

US oil industry hit by cyberattacks: Was China involved?
http://www.csmonitor.com/USA/2010/0125/US-oil-industry-hit-by-cyberattacks-Was-China-involved

At least three US oil companies were the target of a series of previously undisclosed cyberattacks that may have originated in China and that experts say highlight a new level of sophistication in the growing global war of Internet espionage.

Starwood Charges That Top Hilton Execs Abetted Espionage
http://www.meetings-conventions.com/article_ektid31918.aspx

Starwood's claim points to a "mountain of undisputed evidence," including e-mails among Hilton senior management, that Klein and Lalvani worked with others within Starwood to steal sensitive documents by sending them via personal e-mail accounts, among other methods, and that such information was shared and used by all of Hilton's luxury and lifestyle brands, as well as in the development of Hilton's now-shelved Denizen brand. In the new filing, Starwood says, "This case is extraordinary, and presents the clearest imaginable case of corporate espionage, theft of trade secrets, unfair competition and computer fraud...Hilton's conduct is outrageous."

As to whether China is involved, maybe. But the automatic blaming has got to stop. Many other countries have been known to be conducting corporate espionage, such as France, and as the second story above shows, so do corporations themselves.

But... here are a few questions:

- My dog barked, was China involved?
- The traffic light turned red, was China involved?
- I am tired. Is China involved?

Gadi Evron,
ge@linuxbox.org.

Follow me on twitter! http://twitter.com/gadievron

Friday, January 15, 2010

China Hacks Google, Etc.

Many news sources are reporting on how Google and other corporations were hacked by China.

The reports, depending on vendor, blame either PDF files via email as the original perpetrator, or lay most of the blame on an Internet Explorer 0day.

Unlike my colleagues (save for the ones reporting), I would rather not discuss this too much before more data is available.

Regardless of what really happened, which I hope we will know more on later, these things are clear:

1. Unlike GhostNet, which showed an interesting attack, but where unfortunately many of us jumped to conclusions without evidence that it was China behind it -- based on ethos alone I'd like to think that when Google says China did it, they know. Although, Google being a commercial company with their own agenda, I am saving final judgement.

2. The 0day disclosed here shows a higher level of sophistication, as well as an m.o. which has been shown to be used by China in the past.

3. If this was China, which some recent talk seems to make ambiguous but is still likely, they would have more than just one weapon in their arsenal.

4. This incident has brought cyber security once again to the awareness of the public, in a way no other incident since Georgia has succeeded, and to political awareness in a way no incident since Estonia has done.

Gadi Evron,
ge@linuxbox.org.

Follow me on twitter! http://twitter.com/gadievron