Dozens of chemical and defence firms hit by China-based hack

News

Dozens of chemical and defence firms hit by China-based hack

Warwick Ashford

A China-based industrial espionage hacker attack targeted at least 29 chemical industry firms, including Fortune 100 firms, in July and September, researchers at Symantec have found.

The researchers uncovered evidence that 19 other defence-related firms, including five in the UK, had also been targeted, according to the BBC.

The attacks followed a similar pattern to the breach earlier this year at RSA, the security division of EMC, where workers were sent e-mails with malicious attachments.

Clicking on the attachments activated a PoisonIvy Trojan designed to provide details of the targeted computer networks to enable hackers to locate and copy files to another part of the network, from where they were extracted.

Symantec said researchers had traced the attacks to a man in the Hebei region of China who had funnelled the process through a server located in the US.

A key focus of the soon-to-be-released UK cybersecurity strategy will be blocking intellectual property theft through cyber attacks, which is becoming increasingly common.

Earlier this week, an attack on Japan's mapping agency raised fears that breaches at a series of government agencies are part of a series of sustained attacks.

Japanese officials say servers at the Geospatial Information Authority were breached in an attempt to access servers at a private cybersecurity company and a university.

Japanese officials are concerned that the latest attack shows hackers are attempting to take advantage of backdoor routes between trusted servers to access classified information.

The breach at the mapping agency follows reports last week of cyber attacks on computers in Japan's lower house of parliament, Japan's biggest defence contractor Mitsubishi Heavy, and nine of Japan's overseas diplomatic missions in the past few months.

The attack on Japan's lower house of parliament was reported to have been launched from a server based in China, but Chinese officials have denied involvement.

In June, internet giant Google said a cyber-spying campaign originating in China had targeted the Gmail accounts of senior US officials, military personnel, journalists and Chinese political activists.

 


Email Alerts

Register now to receive ComputerWeekly.com IT-related news, guides and more, delivered to your inbox.
By submitting you agree to receive email from TechTarget and its partners. If you reside outside of the United States, you consent to having your personal data transferred to and processed in the United States. Privacy
 

COMMENTS powered by Disqus  //  Commenting policy