The Dax-group Bayer has been compromised by the alleged Chinese “Winnti”-group digital. According to information from BR and NDR the malicious software until the end of March was to be found in the network of the group.
hacker attack on the Bayer group: The hacker group “Winnti” to act on behalf of the Chinese state. Of both IT security experts and German safety authorities. It is believed that the same group in 2016, had also infiltrated the Dax-group, ThyssenKrupp.
Bayer confirmed on request, that the hackers were able to penetrate into the network of the group: “Our Cyber Defense Center has detected the beginning of 2018, the signs of ‘Winnti’infections, and extensive analyses started”, and shall notify the group in writing. It will not be possible to reconstruct, since when the hackers in the Bayer network.
Bayer confirmed signs of “Winnti”infections.
targeted attack
“If a company finds that it has the ‘Winnti’-malicious software on one or more computers, then it is clear that it is a targeted attack,” says Andrew pipe, Director for technology at the German Cyber-security organization (DCSO). This was founded in 2015 by different companies, including Bayer, and for the elucidation of the spying-action. Tube says, companies would have to ask the question, “how big is the compromise, that is to say, the infestation in the entire network.” The “Winnti”group is known for a very strong spread.
The hackers of the Winnti group have been infected, according to Bayer, in particular, “systems at the interface from the Intranet to the Internet, as well as authorization systems”. The Hacker should be professionally taken.
hackers were highly professional, but there were losses, according to company information, no verifiable data.
Bayer indicates that there was “no evidence for loss of data”. A “Winnti”-malicious software infected the System had found the data journalists of the BR with the help of network Scans and then the group contacted. At the end of March, the systems have been adjusted, it shall notify Bayer of: “Up to this point, the attacker not to our knowledge actively to information auszuleiten.”
investigated
The group penalty introduced display. The Prosecutor’s office of Cologne-based Central point of contact Cybercrime North Rhine-Westphalia (ZAC NRW), confirmed the incident, declined to comment but for “determination tactical reasons” at the moment.
in addition to guarantee private Bank accounts for the Dax group “Winnti”malicious software was found after information from BR and NDR since the beginning of the year, at least three companies from the German Mittelstand. The IT security competent Federal office for information security (BSI), with allocated on demand, that it was the companies that are in the area of “chemical, engineering and Software”. The BSI warns, the threat situation in Cyber space is for the German economy on a tense high level.
in 2016, there was an incident in the “Winnti”-malicious software, was used to: ThyssenKrupp. Florian Roth of the company Nextron system analyzed at the time of attack the Hacker. “In ‘Winnti’ is, in my opinion, one of the most difficult-to-recognize harmful programs at all,” says Roth. The Software will leave traces on the hard disk.
to be China’s goal: A leading economic nation.
The trail to indicates to China
The former BND President Gerhard Schindler, who now works as a consultant, lead to the fact that the unique assignment of a hacker group to a country is always very difficult. Cyber-espionage in German companies fit in, but to China’s ambitious economic goals: China wool close the gap “by 2025, one of the leading economic Nations and until 2049, so the 100-year anniversary of the people’s Republic, to the most powerful economic nation in the world,” says Schindler.
pipe from the DCSO stated also that the Winnti group spied-company would fit into China’s plans: “therefore, one can assume that there is a specific order from the Chinese government.” To be 100 percent of the not prove.
the protection of the Constitution warns of economic espionage
the Bundestag, Too, dealt repeatedly with the problem. Recently, a representative of the Federal office for the protection of the Constitution (BfV) has warned in January of this year, before the Chinese economic espionage. In a confidential session of the interior Committee, he reported that, in Germany, in addition to the large, small and niche companies specialised in focus. This could afford no larger IT security teams.
in September 2018, the BfV has warned the deputies in front of the new Chinese intelligence service act. This spaces the own authorities with extensive special rights to be virtually no restrictions in the foreign intelligence service.
Bayer group of victims of “Winnti-Hack”
Svea Eckert, NDR, Hakan Tanriverdi, BR
03.04.2019 18:20 PM
We offer this Audio in the following formats for Download:
mp3 Ogg Vorbis
note: , If the audio file is not saved when you Click automatically, you can select click with the right mouse button and “save target as…”.