Canadian energy firm takes preventative measures after data breach

September 27, 2012

Energy firms have a been a major target of cyberespionage campaigns recently, intended to spread malware on employees' computers and steal vital information. A Canadian firm is the latest to have been attacked, resulting in stolen records and a breach to customers' information.

According to ComputerWorld, Telvent, the firm in control of more than half of the oil and gas pipelines in North and Latin America, experienced a situation involving its clients' project files. To protect its consumers and keep them informed, Telvent and Schneider Electric, the French conglomerate that owns the energy company, have been taking necessary data protection measures.

Chinese hackers are to blame
Security blogger Brian Krebs believes that Chinese hackers are the masterminds behind this latest network security breach, the source reported. The Chinese hacking organization, known as the Common Group, has also been involved in launching threats against energy and Fortune 500 firms for a few years.

Not much is known about the breach itself, except that it occurred on September 10, and that the cybercriminals were able to bypass the firewalls, install malware and steal files regarding a Telvent product called OASyS SCADA, according to CNET. The OASyS project talks about how the product can be used to incorporate a company's backend networks using smart-grid technology. Other files that might have been breached concern the management of oil and natural gas pipelines, according to the source.

This assault comes on the heels of a warning issued by Dell SecureWorks late last week about a hacking group targeting firms, including a Canadian firm, however, a Dell representative affirms that Telvent was not the company alluded to in the press release, the source reported.

Taking action
The corporation has been doing what it can to help the customers affected. Schneider Electric said that Telvent has already notified all of the victims. To ensure that their information cannot be accessed, the company also disabled links between consumers and areas of the network that might be infected. It has also put into effect new procedures for supporting clients while diligently working to destroy the malware from its system.

Although a company can never know when a hacker will attempt to breach its system, it should employ passwords, encryption, security software and firewalls, while always monitoring the system for attempted attacks. If a business falls victim to a cybercriminal's activities, the company should emulate Telvent's actions and notify its customers immediately.

-McAfee Cloud Security