Call Us 281.395.5497Call Us 281.395.5497 ☰ ˟
Manage Policy File a Claim
Logo
281.395.5497
877.868.8063
  • Home
  • Get A Quote
  • Personal
    • Personal Lines Home Page
    • Auto
    • Condominium
    • Farm
    • Flood
    • High Value Home
    • Home
    • Jewelry
    • Life
    • Motorcycle
    • Motor Home/RV
    • Off-Road Vehicles
    • Private Aviation
    • Rental Property
    • Renters
    • Specialty (Classic Collector) Auto
    • Personal Umbrella
    • Watercraft & Boat
  • Business
    • Business Insurance Home Page
    • Business Insurance Coverages
    • Business Insurance Industries
    • Employee Benefits
  • Our Carriers
  • Make A Payment
  • Client Center
  • Resources
    • Policy Review Request
    • Insurance Glossary
    • Frequently Asked Questions
    • Privacy Policy
    • Our Blog
    • Refer a Friend
    • Our Partners
  • About Us
  • Contact Us
    • Contact Us
    • Employee Directory
    • Location
Icon Icon Icon Icon Icon Icon
Home > Blog > Cyber Attack Targets Chemical, Defense Firms
TUESDAY, NOVEMBER 1, 2011

Cyber Attack Targets Chemical, Defense Firms

At least 48 chemical and defense companies were victims of a coordinated cyber attack that has been traced to a man in China, according to a new report from security firm Symantec Corp.

Computers belonging to these companies were infected with malicious software known as “PoisonIvy,” which was used to steal information such as design documents, formulas and details on manufacturing processes, Symantec said Monday.

It did not identify the companies, but said they include multiple Fortune 100 corporations that develop compounds and advanced materials, along with businesses that help manufacture infrastructure for these industries.

The bulk of the infected machines were based in the United States and United Kingdom, Symantec said, adding that the victims include 29 chemicals companies, some of which developed advanced materials used in military vehicles.

“The purpose of the attacks appears to be industrial espionage, collecting intellectual property for competitive advantage,” Symantec said in a white paper on the campaign, which the company dubbed the “Nitro” attacks.

The cyber campaign ran from late July through mid-September and was traced to a computer system in the United States that was owned by a man in his 20s in Hebei province in northern China, according to Symantec.

Researchers gave the man the pseudonym “Covert Grove” based on a literal translation of his name. They found evidence that the “command and control” servers used to control and mine data in this campaign were also used in attacks on human-rights groups from late April to early May, and in attacks on the motor industry in late May, Symantec said.

“We are unable to determine if Covert Grove is the sole attacker or if he has a direct or only indirect role,” said Symantec’s white paper. “Nor are we able to definitively determine if he is hacking these targets on behalf of another party or multiple parties.”

The Nitro campaign is the latest in a series of highly targeted cyber attacks that security experts say are likely the work of government-backed hackers.

Intel Corp.’s security unit McAfee in August identified ”Operation Shady RAT,” a five-year coordinated campaign on the networks of 72 organizations, including the United Nations, governments and corporations.

In February, McAfee warned that hackers working in China broke into the computer systems of five multinational oil and natural gas companies to steal bidding plans and other critical proprietary information.

Symantec said on Monday that the Nitro attackers sent emails with tainted attachments to between 100 and 500 employees at a company, claiming to be from established business partners or to contain bogus security updates.

When an unsuspecting recipient opens the attachment, it installs “PoisonIvy,” a Remote Access Trojan (RAT) that can take control of a machine and that is easily available over the Internet.

While the hackers’ behavior differed slightly in each case, they typically identified desired intellectual property, copied it and uploaded it to a remote server, Symantec said in its report.

Symantec did not identify the companies that were targeted in its white paper and researchers could not immediately be reached.

Dow Chemical Co said it detected “unusual e-mails being delivered to the company” last summer and worked with law enforcers to address this situation.

“We have no reason to believe our operations were compromised, including safety, security, intellectual property, or our ability to service our customers,” a Dow spokesman said.

A spokesman for DuPont declined to comment.

(Reporting by Jim Finkle. Additional reporting by Matt Daily and Ernest Scheyder; Editing by Gerald E. McCormick and Richard Chang)

Posted 3:11 PM

Share |


No Comments


Post a Comment
Required
Required (Not Displayed)
Required


All comments are moderated and stripped of HTML.

NOTICE: This blog and website are made available by the publisher for educational and informational purposes only. It is not be used as a substitute for competent insurance, legal, or tax advice from a licensed professional in your state. By using this blog site you understand that there is no broker client relationship between you and the blog and website publisher.
Blog Archive
  • 2022
  • 2021
  • 2020
  • 2019
  • 2018
  • 2017
  • 2016
  • 2015
  • 2014
  • 2013
  • 2012
  • 2011
  • 2010

  • business insurance(58)
  • katy(48)
  • houston(44)
  • texas(39)
  • austin(28)
  • dallas(28)
  • san antonio(27)
  • brewery insurance(22)
  • distillery insurance(20)
  • small business insurance(15)
  • manufacturing insurance(12)
  • craft brewery insurance(11)
  • restaurant insurance(10)
  • tx(8)
  • insurance(7)
  • home insurance(6)
  • fort worth(5)
  • craft beer insurance(5)
  • katy tx(4)
  • workers compensation insurance(4)
  • insurance katy tx(4)
  • workers comp insurance(4)
  • auto repair shop insurance(3)
  • commercial insurance(3)
  • flood insurance(3)
  • general liability insurance(3)
  • auto insurance(3)
  • commercial auto insurance(2)
  • doctors office insurance(2)
  • houston tx(2)
  • the woodlands(2)
  • directors and officers liability insurance(2)
  • manufacturing business insurance(2)
  • d&o liability insurance(2)
  • homeowners insurance(2)
  • retail insurance(2)
  • wholesale business insurance(2)
  • business interruption insurance(2)
  • risk management(2)
  • commercial insurance katy tx(2)
  • craft brewers insurance(2)
  • homeowners(2)
  • medical office insurance(2)
  • management liability insurance(2)
  • lawsuits(1)
  • umbrella insurance(1)
  • saving money(1)
  • commercial general liability(1)
  • retail business insurance(1)
  • funding(1)

View Mobile Version
Facebook
Twitter
Google+
LinkedIn
Get Directions
Contact Us Today
Contact Us Today
Resources
Get a Quote
Payment Options
Personal
Business
About Us
Our Blog
Our Carriers
Contact Us
Contact us 5503 4th St.
Katy, TX 77493

281.395.5497
info@ghfins.com
© Copyright. All rights reserved.