According to media reports, hacker attacks on German companies, including at least six DAX companies, have occurred on a larger scale in recent years. The hacker group “Winnti” often appears in the press. But who is behind that name?
What happened?
Research by Norddeutscher Rundfunk (NDR) and Bayerischer Rundfunk (BR) concluded that the possibly Chinese hacker group “Winnti”, using malware of the same name, was behind these attacks.
Among the affected companies were well-known DAX companies such as Bayer, Thyssen Krupp, BASF and Siemens. Nothing is currently known about data leaks, or the companies are keeping a low profile. According to an analysis by BR and NDR, for which IT security experts were also consulted, the motives are industrial and political espionage. The nature of the attacks, the targets and the way the malware is programmed suggest that the perpetrator is the hacker group “Winnti”.
How does “Winnti” work?
The German Federal Office for Information Security (BSI) already mentioned the hacker group Winnti in its 2017 IT security status report. Since the summer of 2016, an increasing number of cyber espionage attacks against commercial enterprises in Germany has been observed. It is assumed, especially in media reports, that Asian hacker groups are responsible. By redirecting traffic to the perpetrators' control servers, the attackers spy on secret industrial and economic data as well as political secrets.
To manipulate the systems and introduce malware undetected, the cybercriminals send e-mails with infected attachments or links. This opens a backdoor into the victim’s IT for the hackers, and information can be tapped unnoticed. Such attacks can only be fended off by a combination of human and technical prevention. It is up to companies to take the necessary technical and organizational measures and protect themselves against cybercriminals.