New security report has revealed at least 48 companies involved in research, development, manufacturing of chemicals and advanced materials have been victims of a coordinated cyberattack traced to a source in China. The purpose of the attacks, code named Nitro, appear to be industrial espionage, collecting intellectual property for competitive advantage, according to Symantec.
Companies affected include:
• Multiple Fortune 100 companies involved in research and development of chemical compounds and advanced materials.
• Companies that develop advanced materials primarily for military vehicles.
• Companies involved in developing manufacturing infrastructure for the chemical and advanced materials industry.
From the report:
Figure below shows the location of infected computers. This data is derived from the IP addresses of machines connecting back to the command and control server. The majority of infected machines are located in the US, Bangladesh and the UK; however, overall there is wide geographical spread of infections.
Figure below shows the country of origin of the organizations targeted by these attacks. While the US and UK again figure highly here, overall the geographical spread is different. This means that the infected computers are rarely located within the organizations’ headquarters or country of origin.
|Data Center||Policy & Regulation|
|DNS Security||Regional Registries|
|Domain Names||Registry Services|
|Intellectual Property||Top-Level Domains|
|Internet of Things||Web|
|Internet Protocol||White Space|
Afilias - Mobile & Web Services