Chinese flag

A Chinese hacking crew dubbed the Comment Group has been romping through corporate America's computer networks for a few years now. The extent of the breaches wasn't clear until Bloomberg published an in-depth report Sunday detailing in part how soft drink giant Coke was hacked in 2009 and didn't tell.

The deep hacking of sensitive data from Coke's systems destroyed a $2.4 billion acquisition deal with China Huiyuan Juice Group, which would have been the largest deal of its kind at the time:

Coca-Cola, the world’s largest soft-drink maker, has never publicly disclosed the loss of the Huiyuan information, despite its potential effect on the deal. It is just one in a global barrage of corporate computer attacks kept secret from shareholders, regulators, employees -- and in some cases even from senior executives.

When hackers last year waged a large-scale attack on BG Group Plc (BG/), raiding troves of sensitive data, the British energy company never made it public. Luxembourg-based steel maker ArcelorMittal (MT) also kept mum when intruders targeted, among others, its executive overseeing China. As did Chesapeake Energy Corp. (CHK), after cyber attackers made off with files from its investment banking firm about natural gas leases that were up for sale.

Using sources with in-depth knowledge of the breaches and their effects on each company, Bloomberg goes on to report an alarming pattern of steadfast corporate denial in addition to threadbare security guarding remarkably sensitive, high-value data.

The Chinese Foreign Ministry, naturally, has denied the hacks are state-sponsored and told Bloomberg allegations the Comment Group is a secret branch of the Chinese military are not supported by "concrete evidence and investigation."

Cybersecurity expert James Lewis defined the bottom line behind the attacks and the best reason to believe they are part of an active, state-sponsored program when he told Bloomberg reporters, "This has been a part of their plan to catch up to the West [...] You steal their technology, you steal their business secrets."

Chinese flag

Telvent, which provides services that facilitate remote control and monitoring of large sections of the energy industry, may have recently fallen prey to Chinese hackers. While notifications about the Sept. 10 systems intrusion were distributed by Telvent Canada, Ltd., the cyber attack was "sophisticated" and targeted operations in the U.S. and Spain as well as Canada.

Security experts believe the culprits are a group of Chinese hackers who have attacked Western companies in the past.

Krebs on Security explains more about the hack:

Telvent said the attacker(s) installed malicious software and stole project files related to one of its core offerings — OASyS SCADA — a product that helps energy firms mesh older IT assets with more advanced "smart grid" technologies.

The firm said it was still investigating the incident, but that as a precautionary measure, it had disconnected the usual data links between clients and affected portions of its internal networks.

Krebs also viewed documents that explained that the malware used in the attack suggested the intruders may have been Chinese hackers known as both Byzantine Candor and the Comment Group. As Krebs notes, Bloomberg News has taken a deep dive into possible Comment Group exploits.

The hackers, whom many experts believe are part of the Chinese military establishment, have struck targets as diverse as Halliburton Co., Canadian court officials and the president of the European Union Council.

It's probably just a coincidence, but Saturday, just a few days after Krebs on Security first reported the Telvent intrusion, Rogers Internet, which services millions of Canadian customers, had a sustained and serious service outage. That just doesn't sound subtle enough for an outfit like the Comment Group.