A Canadian software firm that supplies industrial software to major energy producers has been compromised by hackers. Government officials in the country aren’t commenting on claims that China may be involved.
Telvent Canada has contacted customers to warn them that a hacker or hackers breached its system, installed malware and stole files relating to OASysS SCADA. Brian Krebs, who made the story public, notes that this is an industrial control system designed for “smart grids” that track and respond to changes in demand.
Telvent itself says the system” ensures reliability by managing the distribution network and maintaining its operational integrity. It plays a central role in Smart Grid self-healing network architecture and improves overall grid safety and security.
According to Telvent’s letter to customers, there’s no evidence that any of its customers face a security threat. As a precautionary measure it’s tweaked its own system so that it won’t be able to access any system belonging to customers.
Krebs quotes a malware researcher as saying that some of the specific technical details mentioned in the Telvent letter suggest the involvement of a Chinese hacking group previously linked to attacks on at least 20 organizations. These targets suggest the group is specifically looking for confidential information rather than trying to cause disruption.
Canadian government spokesman Jean-Paul Duval refused to specifically address the Chinese links, instead making the somewhat obvious statement that ” We can tell you that the government of Canada is working to protect Canada’s cyber networks, identify vulnerabilities and intrusions, and to defend against malicious cyber activity.”
Reuters notes the claims could be particularly sensitive given a Chinese company is currently awaiting Canadian government approval for a $15.1 billion takeover of a domestic oil producer. Political opponents of the bid have already argued in favor of rejecting it on the grounds that China doesn’t “play fair” in business.