By James Rossiter
December 3, 2007
Rolls-Royce and Royal Dutch Shell have fallen victim to Chinese
espionage attacks, The Times has learnt.
Sustained spying assaults on Britains largest engineering company and on
the worlds second-biggest oil multinational occurred earlier this year
as part of a campaign to obtain confidential commercial information,
News of the attacks on Rolls-Royce and Shell comes after a warning by
Britains security services that China is sponsoring espionage against
vital parts of the British economy, including breaking into big
companies computer systems.
It is understood that Chinese-backed computer hackers broke into the
internal computer network of Rolls-Royce in an attack that a security
source said nearly took them out. Rolls-Royce engines are widely used by
many of the worlds largest airlines and are deployed in transport
vehicles of many Armed Forces in Nato, including those of Britain and
the United States.
Shell, an Anglo-Dutch group, had to deal with a spying ring in Houston,
Texas, security sources told The Times. Chinese nationals working for
the company were preyed upon by state-backed operatives hoping to obtain
confidential pricing information for its operations in Africa, the
African countries have been targeted by international oil companies in
the commercial battle to tap into vast new oil reserves needed to
support both the developed economies of the West and the rapidly
expanding economy of China, which has vast coal reserves but little oil
The infiltration of the Rolls-Royce computer server was described as a
virtual attack, a source said: The Chinese the Peoples Liberation Army
- have been up to it for a good while, but it has really come to the
fore recently. They tried to get inside Rolls-Royce their IT systems.
Jonathan Evans, Director-General of MI5, has sent a letter to 300 chief
executives and security chiefs in banks and accounting and legal firms
telling them that they are under attack from Chinese state
organisations, The Times revealed this weekend.
A summary of the MI5 warning, posted on the website of the Centre for
the Protection of the National Infrastructure, says: The contents of the
letter highlight the following: the Director-Generals concerns about the
possible damage to UK business resulting from electronic attack
sponsored by Chinese state organisations, and the fact that the attacks
are designed to defeat best-practice IT security systems. It is
understood that Rolls, in common with most other networks, has several
layers of firewalls, with the most confidential information, thought to
contain engine designs and repair codes, at the centre.
The infiltration of the Rolls network is thought to have occurred
remotely after a specially tailored Trojan, a software code wrapped up
in a virus, was downloaded into the site, allowing information to be
relayed back out of the companys IT server.
It is thought that the infiltration occurred in the UK. Rollss IT
network extends, however, to its international operations, including
Scandanavia and the United States.
The source said: They did not get enough inside, but it was a
sufficiently big attack to get very worried. They got to the so-called
not very important information before being rooted out.
Shell is understood to have uncovered a special interest group in
Houston consisting of its Chinese nationals, who were encouraged to meet
socially after work. The networking group was, however, a front for
recruiting Chinese nationals. In what security experts described as a
typical form of social engineering, there was targeting of Chinese
workers whose families were still in China. They were told to help for
the good of the Motherland, the source said, adding: It was a form of
threat. This particular European oil company was made aware and
uncovered the spying operation, where the Chinese were put under moral
pressure to give information. Rolls-Royce and Shell declined to comment.
Garrod Haggerty, forensic technology partner in PricewaterhouseCoopers,
the accounting firm, said that any companys IT network infrastructure
should be robust, protected by firewalls and multi-layers of security to
make it difficult to launch an all-out attack on a network.
Visit InfoSec News