Data Thieves Strike At Chemical Industry
Dozens of chemical companies have been hit with a wave of online attacks. At least 48 companies are confirmed to have been hit, of which 29 were in the chemical sector. The remaining 19 companies were involved in the chemical defense sector.
According to security researchers at Symantec, the assault ran from July until the middle of September, though the effects are still being felt. The true scale may be larger: at least 101 different locations are known to be housing computers infected by the attack, covering 20 different countries. (Source: symantec.com)
Cyber Attacks Use Low-Tech Approach
The attacks started in a relatively low-tech and simple fashion: the hackers sent emails to staff at the target companies with what looked to be text-based file attachments. In reality, these files were in fact executable programs that installed a rogue application named, dubbed "PoisonIvy."
The rogue app then contacted a command and control computer over the Internet which collected details of other computers on the same network, along with logins and passwords of users.
It then used the collected information to attempt to gain access to the other machines and spread across the network until it found sensitive data, which it then copied and transferred back to the attackers. (Source: computerworld.com)
Cyber Attacks Targets Said to be Specific
The attacks were clearly directed at specific targets.
In three cases, hundreds of staff received emails and in the rest of the attacks only a few employees received such messages. This "all or nothing" approach allowed the attackers to concentrate on customizing emails for specific individuals, thus increasing the likelihood of the message appearing credible and legitimate.
Pattern of Attacks Used Previously
According to Symantec, attacks of this kind have been seen before.
Back in April a number of human rights groups were targeted; then in May, it was the automotive industry. If the same people were responsible for the attacks, it raises the possibility that the attackers are not gathering the confidential information for their own use, but are instead acting in a mercenary role.
Companies from around the world were targeted by PoisonIvy, with twelve American, five British, and several Danish, Italian, Dutch and Japanese firms affected.
Free guide: Windows 7 -- Free Quick Reference Card. Ask any pro computer user and they'll tell you: having to constantly reach for the mouse not only causes strain on your neck and back - it also slows you down. Imagine being able to control your computer the way it was meant to be - using your keyboard! With this guide, you'll learn to dramatically increase productivity using the best ways to navigate, organize, and manage your Windows PC and its contents. Most importantly: the majority of these shortcuts, tips, and tricks are valid for any PC, netbook, and laptop running Windows XP, Vista, and 7. Use it to brush up on the basics and to find alternate methods to your favorite commands. This printable quick reference guide is yours to use, distribute, and share! Click here to download this guide now! Note: this guide is free, but registration is required; after that, you can select more ebooks and videos for download without registering again. If you have questions / problems with the registration form, please read this.