Bayer points finger at Chinese-based group after blocking cyber attack
FRANKFURT (Reuters) - Bayer, Germany’s largest drugmaker, said it had contained a cyber attack on its computer networks it believes was hatched in China, highlighting the risk to big business of data theft and disruption.
Bayer found the infectious software early last year, covertly monitored and analyzed it until the end of last month and then cleared the threat from its systems, the company said on Thursday.
“There is no evidence of data theft,” the statement said, although a spokesman added that the overall damage was still being assessed and that German state prosecutors had launched an investigation.
“This type of attack points toward the ‘Wicked Panda’ group in China, according to security experts,” the spokesman said, citing DCSO, a cyber security group set up by Bayer in 2015 with German partners Allianz, BASF and Volkswagen.
Bayer said the infection also bore the hallmarks of a hacker group known as Winnti, an umbrella term for groups that are believed to include Wicked Panda.
Third-party personal data was also not compromised, the spokesman said.
Bayer, the world’s largest agricultural supplies company thanks to its takeover of Monsanto, said it could not determine exactly when the incident started.
Winnti attacked computer systems at German technology group ThyssenKrupp in 2016, according to media reports at the time.
Manufacturing groups across the globe are expanding their data networks, as sensors, processing chips and analytical tools become more advanced and cheaper.
Germany has experienced a big increase in the number of security incidents hitting critical infrastructure such as power grids and water suppliers, the country’s cybersecurity agency said in February.
German broadcasters BR and NDR initially reported the incident.
Reporting by Ludwig Burger and Patricia Weiss; Editing by Dale Hudson and Keith Weir
Our Standards:The Thomson Reuters Trust Principles.