Chinese hackers poke the Bayer, but German giant says it withstood attack German pharmaceuticals giant Bayer says it has been hit by malware, possibly from China, but that none of its intellectual property has been accessed. On Thursday the aspirin-flingers issued a statement confirming a report from Reuters that the Winnti malware, a spyware tool associated with Chinese hacking groups, had been …
With the new "trade" agreement in negotiation, I understand there are clauses in it about intellectual property. Don't know if there's penalties though. Makes me wonder how much stuff has China lifted worldwide? Seems like just about every tech, weapons industry, even products from mom and pop type firms has been lifted. Hopefully, China will finally start recognizing patents, etc. in the rest of the world. Unlikely but possible.
‘In the autumn of 2011, a Trojan was detected on a large number of computers – all of them linked by the fact that they were used by players of a popular online game. It emerged that the piece of malware landed on users’ computers as part of a regular update from the game’s official update server.’ ref
How did this Chinese-Korean malware get onto the game servers? Why were Bayer employees connecting to game servers on company time?
“The malware was spotted on Bayer PCs in early 2018, with the company silently monitoring its behavior for more than a year before finally pulling the plug on the operation last month and notifying authorities.”
I don't mean to be rude, Shaun Nichols in San Francisco, but I call baloney on that whole report. Most probably the computers were randomly infected with malware for more than a year before anyone noticed.
‘These characters appear to be Korean, meaning “desktop”. This means the attackers were working on a Korean Windows operating system. Therefore, we can presume that the attack is not exclusively the work of Chinese speaking cybercriminals’ ref
Make yer mind up, Chinese/Japanese/Korean/Iranian/Venezuelan .. whoever is America's current bogeyman ..
How did this Chinese-Korean malware get onto the game servers? Why were Bayer employees connecting to game servers on company time?
A lot of companies her in the States do allow "personal use" of company computers on lunch breaks and during the morning and afternoon break. So, people go check FB or personal e-mails and play games.
Why were Bayer employees connecting to game servers on company time?
German law actually lets people use company computers for personal stuff: for example booking holidays, checking the weather and you have to have grounds for suspicion to check up on this.
Bayer has had a Cyber Defence team for quite a few years now, partly down to legal requirements and partly down to concerted DDoS attempts in 2010 and 2011 and the increasing numbers of phishing attempts that proved the need for a dedicated team and for liasoning with the police on attacks.
Of course, talk to anyone in security and they'll admit there are two types of companies: those that know they've been hacked and those that don't know it yet.
@Charlie Clark: “No, and that's not what I said. Online games are nearly all browser-based.”
According to the report, the malware was installed on the users’ computers as part of a regular update. Besides what is a company with lots of pharmaceutical secrets even doing allowing staff to install games on a business machine? Unless the secrets consist in how to sell colored chalk for vast sums of money :]
If the Chinese were to get a hold of the technology Monsanto uses to infect non-GMO farms (allegedly?)--so they can use patent law to, ahem, acquire those farms in the courts, will the Chinese act less ethically than Monsanto in the use of the Franken-seeds?
And, could this be what the Chinese were after? Yes, I'm spinning a dark fantasy, but it's just so much dark fun that I couldn't resist. Anyway, I was very curious to find out exactly what the Bayer/Monsanto targets were. And, could it be that Bayer will end up regretting it's acquisition of Monsanto?
The Register 
Biting the hand that feeds IT
Copyright. All rights reserved © 1998–2024
