Major Companies Suffer Network Attacks

Wednesday, March 16, 2011 @ 08:03 PM gHale

More than a dozen major companies suffered the same type of network attacks Google did last year.

These companies, which include DuPont, Walt Disney Co., Sony Corp., Johnson & Johnson, and GE among others, kept the intrusion secret, internal emails from cyber-security firm HBGary Inc. show, according to a report in Bloomberg News.

The incidents described portray industrial espionage by hackers based in China, Russia and other countries. U.S. law enforcement agencies said the attacks have intensified in number and scope over the past two years.

The attacks on more than a dozen companies are discussed in 60,000 confidential emails that HBGary, hired by some of targeted businesses, said someone stole Feb. 6 and posted on the Internet by a group of hacker-activists known as Anonymous.

It would be hard to imagine that the scale of the current range of cyber attacks could grow larger, said FBI Deputy Assistant Director Steven Chabinsky, who works in the agency’s cyber division.

“It appears that every industry is being victimized by intrusions,” he said.

The companies identified by Bloomberg News from the emails never disclosed the security breaches to the outside world.

Global companies hire firms like Sacramento, CA-based HBGary to investigate illegal computer break-ins and to advise them on how to prevent cyber break ins. HBGary shares its forensic findings with other security firms and got information on undisclosed break-ins in return, the emails show.

The targets of the recent attacks included energy, pharmaceutical and defense companies, as well as high-tech manufacturers of global satellite imagery and smart bombs, according to the HBGary emails, which include correspondence with clients or potential clients.

Google said in January 2010 it had lost intellectual property assets to hackers based in China. It also said about 20 other companies it declined to identify then and again on March 7 were victims of the same kind of intrusions. Adobe Systems Inc. said it suffered an attack from hackers based in China. Intel Corp. said there was a “sophisticated incident” around the same time as Google.

DuPont spokesman Dan Turner said the company doesn’t comment on “cyber security-related risks.” Johnson & Johnson spokeswoman Carol Goodrich declined to comment. Representatives of Disney and GE didn’t return phone calls and emails seeking comment. A Sony spokeswoman declined to comment.

Among HBGary’s clients was Houston-based drilling company Baker Hughes Inc., which said suffered from a hacking incident as part of a wide assault on energy companies. Baker Hughes provides advanced drilling equipment and proprietary techniques for assessing the quality and accessibility of oil reserves.

HBGary Chief Executive Officer Greg Hoglund wrote in a January email his company had been tracking cyber attacks against oil and gas companies aimed at “stealing competitive bids, architectural plans, project definition documents, functional operational aspects to use in competitive bid situations from Siberia to China.”

A Baker Hughes spokesman, Gary Flaharty, confirmed a breach in his company’s networks.

Leave a Reply

You must be logged in to post a comment.