Bayer reveals cyber-attack from China, assessing damage

Germany-based drug company Bayer has revealed that it controlled a major cyber-attack, Reuters reported.
Bayer cyber securityBayer identified the infectious software on its computer networks early last year, covertly monitored and analyzed it until the end of last month and then cleared the threat from its systems.

James Swanson is the chief information officer (CIO) and head of Digital Transformation for the Crop Science division of Bayer. James Swanson, based in Monheim, Germany, leads teams across the world using digital innovation and data science to transform and deliver world-class products and services.

“There is no evidence of data theft. Third-party personal data was also not compromised,” Bayer said in a statement. Bayer is in the process of assessing the damage. German state prosecutors had launched an investigation into the cyber security issue.

Mike Chapple, adjunct research analyst, IDC, said: “Organizations seeking to protect their information assets must remain cognizant of evolving threats and design security controls that remain effective not only against the threats of today but also provide protection against the unknown threats of tomorrow.”

Bayer said this type of attack points toward the Wicked Panda group in China. DCSO is a cyber-security group set up by Bayer in 2015 in association with German partners Allianz, BASF and Volkswagen.

The hackers used malware called WINNTI, which makes it possible to access a system remotely and then pursue further exploits from there, said Andreas Rohr of the DCSO.

Andreas Rohr said discovery of WINNTI provides evidence of complex and sophisticated malware that is used in a targeted, sustained espionage campaign.

Bayer, Germany’s biggest drugmaker and the world’s largest agricultural supplies company after its takeover of Monsanto, said it could not determine exactly when its systems were first compromised.

Germany has already experienced a big increase in the number of security incidents hitting critical infrastructure such as power grids, the country’s cyber-security agency said in February.