November 01, 2011, 3:42 PM — Security experts have been saying for a while that high-volume, sophisticated hacking operations with global reach have largely shifted from hacks of individual accounts into major heists and, more frequently, industrial espionage.
Certainly that has been a consistent theme in the Night Dragon and other espionage-centered attacks – including theft of SecureID code from RSA – by what security companies have identified as units of the Chinese military.
Symantec today published a report highlighting common threads and methods that amount to a long-term, concentrated series of attempts at industrial espionage on the global chemical industry.
The report "The Nitro Attacks: Stealing Secrets from the Chemical Industry"(PDF download)describes a series of targeted campaigns aimed at private companies to steal design documents, formulas, manufacturing processes and research materials.
The report is an unusually detailed description of the entire pattern of an attack, including the techniques and tools involved and data straight from the suspected perpetrator.
The most common denominator among the companies attacked is a direct or peripheral connection to the manufacture of military vehicles.
The chemical industry is just the latest target in a series of companies in specific vertical markets or other specialties to be targeted by attacks Symantec identified as similar enough to believe they came from the same source.
In April and May the attacks focused on human-rights activist groups. In May they shifted to the motor industry, then took a break until late July, when a series of attacks began on chemical companies that went on for more than two-and-a-half months.