Chinese hackers linked to Canada's Telvent breach

Based on digital fingerprints it left behind, a hacker group from China named "Comment Group", is believed to be behind a network breach on energy giant Telvent Canada.

Energy giant Telvent Canada believes Chinese hackers are behind a network breach the company suffered earlier in September.

Telvent had informed its customers on Sep. 10 hackers breached its internal firewall and security systems, implanted malicious software, and stole project files, according to a KrebsonSecurity blogpost on Thursday. Telvent manufactures industrial control software systems which remotely control smart grid networks used in portions of the electric grid.

Malware deployed in the attack was believed to be associated with a Chinese hacker group, "Comment Group", based on digital fingerprints left behind by the attacker, the post noted. 

In the company's most recent dispatch to customers affected by the breach, dated Sep. 25, Telvent executives provided details about the malicious software used in the attack. The malware and network components listed in the page "strongly" suggested the involvement of the Chinese hacker group.

The blogpost also cited Joe Stewart, director of malware research at Dell SecureWorks, who said the Web site and malware names mentioned in a more recent letter from Telvent could be traced to the Chinese hacking group.

Bloomberg in July published a report on Comment Group, noting the group's years of suspected involvement in deploying sophisticated attacks to harvest intellectual property and trade secrets from energy companies, patent law firms, and investment banks.

Data gathered by a group of security researchers, who last year tracked Comment Group's activities over a period of less than two months, uncovered evidence the Chinese hacker group infiltrated at least 20 organizations, "many of them with secrets with could give China an edge as it strives to be the world's largest economy".


Show Comments