Chinese 'Aurora' Hackers Hit DuPont
Chinese hackers infiltrated the computer networks of the global chemical company DuPont in late 2009, probably as part of the large-scale hack known as Operation Aurora that also victimized Google and Morgan Stanley.
A Dec. 9 e-mail from the security firm HBGary Federal stated DuPont was the target of an industrial espionage campaign, Bloomberg News reported. Company PCs were infected with spyware during a DuPont business trip to China.
Google, Morgan Stanley and about 200 other companies were also victims of Operation Aurora. Most have not identified themselves.
Unlike Google, which made its breach public in January 2010, DuPont kept the hack secret. Sen. Sheldon Whitehouse (D-R.I.) told Bloomberg News that DuPont didn't make the cyberattack public because it feared the impact of revealing the breach to investors. Whitehouse chaired a Senate task force last year on cybersecurity.
The targeting of international companies for online attacks points to a dangerous trend in corporate cybersecurity , one that could become more prevalent unless companies take steps to secure their online data.
We are on the losing end of the biggest transfer of wealth through theft and piracy in the history of the planet, Whitehouse said.
The HBGary Federal e-mails that broke the news about the DuPont and Morgan Stanley hacks were stolen and posted online last month by the hacktivist group Anonymous after HBGary Federal's chief executive, Aaron Barr, boasted he would reveal the identities of Anonymous' members.
A separate Chinese-based attack, aimed at energy companies, was also launched in late 2009. The security firm McAfee reported the Night Dragon attack in a Feb. 9 report. The report didn't disclose the targeted companies, but the HBGary Federal e-mails listed them as Exxon Mobil, Royal Dutch Shell, BP, Marathon Oil, ConocoPhillips and General Electric.
- Cybercrime Blotter: High-Profile Hacks of 2011
- Cybercriminals Stay One Step Ahead of Law
- Security and Privacy Software Reviews