Chinese hackers were behind cyber attacks on German tooling firms, a German daily newspaper reports. US authorities were said to have put Germany's BSI information security agency, and industry, on high alert.
Germany's BSI information security agency, tipped off by America, has identified small weak-link service firms as the gateways used to hack German industry, Germany's Süddeutsche Zeitung daily newspaper said on Wednesday.
Referring to US President Donald Trump's trade row with China and citing the "well-informed" website Axios, the paper said the BSI "acted promptly." Their actions in late November came after the US, via diplomatic channels, named German firms apparently targeted by "cloud hopper" hackers — allegedly from China.
German mechanical engineering and material research concerns were targeted in particular, the Munich-based newspaper said.
Cyber experts have long warned that Germany, with its high level of manufacturing and engineering expertise, would be keenly targeted for industrial secrets by hackers.
Potential to paralyze production
The BSI - in a 5 December press release — said the worldwide-circulating malware (malicious software) "Emotet," with the potential to paralyze enterprise networks, had led to a "heap" of severe incidents in Germany.
Categorized as Advanced Persistent Threats (APT), these were "highly professional" attacks adapted and automated the use of Emotet within infected networks, said BSI president Arne Schönbohm.
Seemingly authentic emails
Via so-called "Outlook-harvesting," seemingly authentic but fake emails - sourced from existing contact addresses and message fragments - spread Emotet, without it being identified and blocked by "common virus-protection programs," said the BSI.
"Decontamination attempts remain, as a rule unsuccessful, and harbor the danger that parts of the malicious software will remain in the system," it added.
Networks had had to be completely reinstalled "in numerous cases known to the BSI," resulting in production stoppages, said Schönbohm.
Crippled in Munich
On 7 December, the Munich manufacturer of sophisticated plastics and rubber molding equipment Krauss Maffei Group said "Trojan" attacks over two weeks had crippled "many" of its computerized production units.
Krauss Maffei has 5,000 personnel worldwide and was acquired in 2016 by China National Chemical Corporation.
ipj/rc (dpa, Reuters)