Cyber spy campaign targets chemical industry: Symantec

Oct 31, 2011

US Internet security firm Symantec on Monday exposed a cyber spying campaign targeting trade secrets at top chemical firms and linked the industrial espionage to a man in China.

At least 48 companies, including some that make advanced materials for , were targeted in a campaign Symantec dubbed "Nitro" given the type of information at risk.

"Attacks on the chemical industry are merely their latest attack wave," Symantec security response team members Eric Chien and Gavin O'Gorman said in a report released on Monday.

The attacks targeted NGOs supporting human rights from late April to early May before switching to the motor industry, according to the report.

Major chemical firms, mainly in the United States, Britain, and Bangladesh, came under fire by cyber from late July to mid September, Symantec said.

Nitro was aimed at stealing intellectual property for competitive advantage, according to Chien and O'Gorman.

Attackers researched firms, sending selected workers booby-trapped emails that, once opened, secretly infected computers with malicious "Poison Ivy" software designed to steal information.

While various ruses were used to trick workers into opening email attachments to unleash in machines, a typical pretext was to fake a meeting invitation from an established business partner.

Another tactic used by cyber spies was to send employees email purporting to be a security software update that needed to be installed in computers, according to Symantec.

Poison Ivy code was written by a Chinese speaker and Nitro attacks were traced to a server located in the United States but owned by a "20-something male" in the Hebei region of China, the report said.

Symantec referred to the man internally as "Covert Grove" based on a literal translation of his name from Chinese to English.

China has repeatedly denied state involvement in cyber espionage against Western governments and companies, including well-publicized attacks on Internet giant Google that sparked a row between Washington and Beijing.

Explore further: Belarus tightens control over online media

add to favorites email to friend print save as pdf

Related Stories

China hit by 500,000 cyberattacks in 2010

Aug 09, 2011

China said Tuesday it was hit by nearly 500,000 cyberattacks last year, about half of which originated from foreign countries including the United States and India.

Recommended for you

Spain: Google News vanishes amid 'Google Tax' spat

Dec 16, 2014

Google on Tuesday followed through with a pledge to shut down Google News in Spain in reaction to a Spanish law requiring news publishers to receive payment for content even if they are willing to give it away.

Brazil: Google fined in Petrobras probe

Dec 15, 2014

A Brazilian court says it has fined Google around $200,000 for refusing to intercept emails needed in a corruption investigation at state-run oil company Petrobras.

Microsoft builds support over Ireland email case

Dec 15, 2014

Microsoft said Monday it had secured broad support from a coalition of influential technology and media firms as it seeks to challenge a US ruling ordering it to hand over emails stored on a server in Ireland.

User comments : 1

Adjust slider to filter visible comments by rank

Display comments: newest first

Nerdyguy
not rated yet Oct 31, 2011
"...linked the industrial espionage to a man in China."

One more reason that we need to get our financial house in order in the U.S. We wouldn't sound quite so ridiculous when making demands on the Chinese that they stop their massive espionage campaign against the U.S.

Please sign in to add a comment. Registration is free, and takes less than a minute. Read more

Click here to reset your password.
Sign in to get notified via email when new comments are made.