Menu
Bayer contains cyber attack it says bore Chinese hallmarks

Bayer contains cyber attack it says bore Chinese hallmarks

No evidence of theft found, German state prosecutors launched an investigation

Credit: Reuters | Wolfgang Rattay | File Photo

German pharmaceutics company Bayer has contained a cyber attack it believes was hatched in China, the company said, highlighting the risk of data theft and disruption faced by big business.

Bayer found the infectious software on its computer networks early last year, covertly monitored and analysed it until the end of last month and then cleared the threat from its systems, the company said on Thursday.

"There is no evidence of data theft," Bayer said in a statement, though a spokesman added that the overall damage was still being assessed and that German state prosecutors had launched an investigation.

"This type of attack points toward the 'Wicked Panda' group in China, according to security experts," the spokesman added, citing DCSO, a cyber security group set up by Bayer in 2015 with German partners Allianz, BASF and Volkswagen.

Third-party personal data was also not compromised, the spokesman said.

The hackers used malware called WINNTI, which makes it possible to access a system remotely and then pursue further exploits from there, said Andreas Rohr of the DCSO.

"Once it has been installed, more or less any action can be carried out," Rohr said.

Discovery of WINNTI provides clear evidence of complex and sophisticated malware that is used in a targeted, sustained espionage campaign, he added

Bayer, Germany's biggest pharmaceutics company and the world's largest agricultural supplies company after its takeover of Monsanto, said it could not determine exactly when its systems were first compromised.

Active Group

There was a WINNTI attack on computer systems at German technology group ThyssenKrupp in 2016, according to media reports at the time.

Rohr declined to comment in detail on the Bayer case, citing a non-disclosure agreement, but said he knew of at least five WINNTI attacks in Germany.

"This is a very active group of hackers with the ability to carry multiple international attacks in parallel," he said.

Manufacturing groups across the globe are expanding their data networks as sensors, processing chips and analytical tools become more advanced and cheaper.

Germany has experienced a big increase in the number of security incidents hitting critical infrastructure such as power grids, the country's cyber security agency said in February.

While it's not possible to say with certainty who was responsible for the attack, because the malware used is widely available, Rohr said the methods bore the hallmarks of Chinese hackers.

"The malware most probably comes from a Chinese group of ‘mercenaries’ who carry out targeted attacks and campaigns on the internet for money," he said.

"Their targets have in the past been the online gambling industry, the theft of intellectual property of the affected companies or the use of access for the purposes of espionage.”

German broadcasters BR and NDR initially reported the incident.

(Additional reporting by Douglas Busvine; Editing by Keith Weir and David Goodman)


Follow Us

Join the newsletter!

Or

Sign up to gain exclusive access to email subscriptions, event invitations, competitions, giveaways, and much more.

Membership is free, and your security and privacy remain protected. View our privacy policy before signing up.

Error: Please check your email address.

Tags cyber attackBayer

Events

Featured

Slideshows

Meet the Reseller News 30 Under 30 Tech Awards 2020 winners

Meet the Reseller News 30 Under 30 Tech Awards 2020 winners

This year’s Reseller News 30 Under 30 Tech Awards were held as an integral part of the first entirely virtual Emerging Leaders​ forum, an annual event dedicated to identifying, educating and showcasing the New Zealand technology market’s rising stars. The 30 Under 30 Tech Awards 2020 recognised the outstanding achievements and business excellence of 30 talented individuals​, across both young leaders and those just starting out. In this slideshow, Reseller News honours this year's winners and captures their thoughts about how their ideas of leadership have changed over time.​

Meet the Reseller News 30 Under 30 Tech Awards 2020 winners
Reseller News Exchange Auckland: Beyond the myths — how partners can master cloud security

Reseller News Exchange Auckland: Beyond the myths — how partners can master cloud security

This exclusive Reseller News Exchange event in Auckland explored the challenges facing the partner community on the cloud security frontier, as well as market trends, customer priorities and how the channel can capitalise on the opportunities available. In association with Arrow, Bitdefender, Exclusive Networks, Fortinet and Palo Alto Networks. Photos by Gino Demeer.

Reseller News Exchange Auckland: Beyond the myths — how partners can master cloud security
Reseller News welcomes industry figures at 2020 Hall of Fame lunch

Reseller News welcomes industry figures at 2020 Hall of Fame lunch

Reseller News welcomed 2019 inductees - Leanne Buer, Ross Jenkins and Terry Dunn - to the fourth running of the Reseller News Hall of Fame lunch, held at the French Cafe in Auckland. The inductees discussed the changing face of the IT channel ecosystem in New Zealand and what it means to be a Reseller News Hall of Fame inductee. Photos by Gino Demeer.

Reseller News welcomes industry figures at 2020 Hall of Fame lunch
Show Comments