BI’s Article search uses Boolean search capabilities. If you are not familiar with these principles, here are some quick tips.

To search specifically for more than one word, put the search term in quotation marks. For example, “workers compensation”. This will limit your search to that combination of words.

To search for a combination of terms, use quotations and the & symbol. For example, “hurricane” & “loss”.

Login Register Subscribe

Bayer contains cyberattack it says bore Chinese hallmarks


(Reuters) — German drugmaker Bayer AG has contained a cyberattack it believes was hatched in China, the company said, highlighting the risk of data theft and disruption faced by big business.

Bayer found the infectious software on its computer networks early last year, covertly monitored and analyzed it until the end of last month and then cleared the threat from its systems, the company said on Thursday.

"There is no evidence of data theft," Bayer said in a statement, though a spokesman added that the overall damage was still being assessed and that German state prosecutors had launched an investigation.

"This type of attack points towards the 'Wicked Panda' group in China, according to security experts," the spokesman added, citing DCSO, a cybersecurity group set up by Bayer in 2015 with German partners Allianz SE, BASF SE and Volkswagen AG.

Third-party personal data was also not compromised, the spokesman said.

The hackers used malware called WINNTI, which makes it possible to access a system remotely and then pursue further exploits from there, said Andreas Rohr of the DCSO.

"Once it has been installed, more or less any action can be carried out," Mr. Rohr said.

Discovery of WINNTI provides clear evidence of complex and sophisticated malware that is used in a targeted, sustained espionage campaign, he added

Bayer, Germany's biggest drugmaker and the world's largest agricultural supplies company after its takeover of Monsanto, said it could not determine exactly when its systems were first compromised.

'Active group'

There was a WINNTI attack on computer systems at German technology group ThyssenKrupp AG in 2016, according to media reports at the time.

Mr. Rohr declined to comment in detail on the Bayer case, citing a nondisclosure agreement, but said he knew of at least five WINNTI attacks in Germany.

"This is a very active group of hackers with the ability to carry multiple international attacks in parallel," he said.

Manufacturing groups across the globe are expanding their data networks as sensors, processing chips and analytical tools become more advanced and cheaper.

Germany has experienced a big increase in the number of security incidents hitting critical infrastructure such as power grids, the country's cybersecurity agency said in February.

While it's not possible to say with certainty who was responsible for the attack, because the malware used is widely available, Mr. Rohr said the methods bore the hallmarks of Chinese hackers.

"The malware most probably comes from a Chinese group of ‘mercenaries’ who carry out targeted attacks and campaigns on the internet for money," he said.

"Their targets have in the past been the online gambling industry, the theft of intellectual property of the affected companies or the use of access for the purposes of espionage.”

German broadcasters BR and NDR initially reported the incident.



Read Next