30 years of commitment
Chemical Industry Council of California

Symantec Uncovers Cyber Attacks on Chemical Industry


Posted 11/1/11

 

 

October 31, V3.co.uk - (International) Symantec uncovers Nitro [cyber] attacks targeting chemical industry. Symantec has revealed a large-scale targeted cyber attack designed primarily to steal information from chemical and defense companies, including 27 in the United States. Dubbed "Nitro", the campaign started in late April focused on human rights groups, before moving onto the motor industry, according to the Symantec Nitro attacks report. The attack moved onto the chemical industry in late July, targeting 29 companies and another 19 in sectors such as defense, the report said. 

 

The attackers used the common ploy of sending certain members of a target organization an e-mail with a malicious attachment disguised as a meeting invitation or security update. "The emails contained an attachment that was either an executable that appeared to be a text file based on the file name and icon, or a password-protected archive containing an executable file with the password provided in the email," the report said. "In both cases, the file was a self-extracting executable containing PoisonIvy, a common backdoor Trojan developed by a Chinese speaker." Once the infected machine was connected to the command and control server, attackers could traverse the network, infecting additional computers in search for the domain administrator's credentials, and from there locate servers containing intellectual property.

 

Eventually the content is uploaded to a remote site. The attacks were spread geographically, but most infected machines were located in the United States (27), Bangladesh (20), and the United Kingdom (14). Symantec traced the attacks to a virtual private server (VPS) based in the United States, but registered to a "20-something male" in Heibei, China dubbed "Covert Grove". The male claimed the VPS, which cost him $32 a month to rent, was set up for legitimate purposes, but Symantec researchers found evidence that may point to the contrary. "When prompted regarding hacking skills, Covert Grove immediately provided a contact that would perform 'hacking for hire'. Whether this contact is merely an alias or a different individual has not been determined," the researchers concluded.   See Source Document 

 

* * * *


back to top

 




2011 Website Articles

MEMBERS' CORNER

CA Election Review - 2018
Posted 11/27/18

CICC FOUNDERS & PIONEERS
The Early Years - Incorp. 1981

Teleconference & Web-Mtgs
1st and 3rd Fridays each month

2018 CICC Members List

Members In the Spotlight
"Caught in the Act of Doing Good"

PRIORITY LEGS & REGS

LEG INFO & STATUS

California Legislature
Members, Rules, Glossary of Terms, Calendar, How a Bill Becomes Law

Legislative Calendar
Session Dates and Deadlines

Official CA Legislative Info
Search by Bill No, Author or Key Word

Today In the Capitol Building
Committee Mtgs & Floor Sessions

New California Laws
Laws enacted 2010 thru 2016

California Law
Search 29 Separate Codes

Essential Links to State & Federal Websites
Governor, CA Legislature, Cal/EPA, Congress, U.S. EPA - and more

CUPA NEWS & ANNOUNCEMENTS

SAFETY / SECURITY & TRAINING

Security Training & Educational Events
Members must login to view links

Homeland Security Information Network (HSIN)
Members must login to view links

IN THE NEWS!

CICC News
California Challenges & Opportunities

CICC Archives
Prior Months News Stories, Issues & Items, Flash and more ---

News, Weather & more
Today's News From MSNBC

UPCOMING EVENTS

Members' Web-Mtg - Legs & Regs
Fri., June 7th, 2019 @ 8:30 a.m.

NORTHERN CALIFORNIA CHEMICAL SAFETY DAY
Thurs, June 27th - Dixon CA

38th CICC ANNUAL MEETING
Sacramento - August 19th -21st