Hans Christian Pretorius, director of operations at NSM, told Norwegian newspaper Dagens Naeringsliv:

They (the hackers) have done research beforehand and gone after key functions and key personnel in the various companies. Emails that appear to be legitimate are sent to persons in important roles at the companies with attachments. If the targeted employees open the attachments, a destructive program will be unleashed that checks the target's system for various holes in its security system. If a hole is found, the program will open a communications channel with the hackers and then the "really serious attack programs" can infect the targeted company’s computer system.

The goal is to plant a Trojan or a virus on the machine. The first program just sets up contact. Then the attacker can sit outside and download damaging code.

The attack is apparently a well orchestrated phishing attack on the oil sector to collect passwords via keyloggers on target computers.  NSM is not forthcoming in whom it suspects of perpetrating the cyber attacks but claims to have a strong lead. [AMAZONPRODUCTS asin="111864767X"]]]>