China’s Cyber Attack Targets Fortune 100 Chemical Firms: Report
Posted by Author on November 1, 2011
Canadian operators of telecommunications networks, power grids, water systems and other services of vital importance are growing less prepared for a potentially devastating cyber attack, Symantec Corp. said in a report released on Monday.
In a separate report, the world’s largest security software maker also uncovered a series of attacks targeting dozens of companies in the industrial chemical production sector, which the company traced to a single user based in China.
Applied Research telephoned 3,475 companies in 37 countries between August and September, including 625 in Canada, on behalf of Symantec. The second annual Symantec Critical Infrastructure Protection Survey found providers were growing complacent about potential threats posed by computer hackers.
“Critical infrastructure providers are less engaged with their government’s CIP [critical infrastructure protection] programs, less concerned about threats and less ready than 12 months ago,” reads an excerpt from the 15-page report.
The report defines ‘critical infrastructure providers’ as companies operating in at least one of 14 industries such as finance, government, energy, public services, aviation and chemical products. The list of industries was expanded from six used in the inaugural report published last year.
Just over one third of respondents worldwide (37%) said their companies were engaged in CIP programs in 2011, down from 56% in 2010. In Canada, only 30% of respondents said they were engaged with protection programs this year.
Overall, preparedness was down 8% across the world to about 62% in 2011, down from about 70% in 2010.
The results stand in stark contrast to the growing number of cyber attacks launched against critical infrastructure providers over the past year.
On Monday, Symantec released details on a series of attacks launched against “multiple” Fortune 100 companies involved in the industrial chemical production sector. Dubbing the campaign the “Nitro Attacks” due to their specific targets, a total of 48 companies were victimized, the report said.
“The purpose of the attacks appears to be industrial espionage, collecting intellectual property for competitive advantage,” Symantec said in a white paper on the campaign.
Tracing the origins of the various breeches to a virtual private server (VPS) in the United States, researchers eventually discovered the system was owned by a “20-something male” located in China’s Hebei province.
Codenamed “Covert Grove,” the man said the VPS was only used by him and only for legitimate purposes upon being contacted by Symantec. While the researchers found his explanation “suspicious,” the suspect’s location in China makes a continued investigation difficult, if not impossible.
A similar string of attacks, codenamed “Night Dragon,” hit the global oil and gas industry in February of this year.
In August, a series of attacks known as Operation Shady RAT [random access tool] was detailed by McAfee Inc., another Internet security firm that was acquired by Intel Corp. last year. In what was since become known as the largest series of cyber attacks in history, Shady RAT targeted 72 organizations including the United Nations, governments and companies around the world.
One of them was the government of Canada.
Hackers believed to have been from China breached the networks of the federal Ministry of Finance and the Treasury Board in January, stealing an unknown amount of classified data. Nearly seven months later, Ottawa was still scrambling to recover its losses and re-secure government computers.
The Canadian Security Intelligence Service (CSIS) said in a report released on Sunday it had warned the government of an impending attack on its network weeks in advance. But Canada’s spy agency had actually been sounding alarm bells for months before the attacks took place.
“Compromises of computer and combinations networks of the Government of Canada, Canadian universities, private companies and individual customer networks have increased substantially,” reads part of a leaked CSIS memo originally distributed in May 2010.
“In addition to being virtually unattributable, these remotely operated attacks off a productive, secure and low-risk means to conduct espionage.”
Ottawa, for its part, has thus far poured about $90-million into its 2010 Cyber Security Strategy being run by Public Safety Canada. Yet what appears to be missing from that strategy is an effort to ensure those in the private sector — particularly those who control critical infrastructure — remain aware of the constant and collective threat we all face.
Sorry, the comment form is closed at this time.