Security Experts:

European Space, Industrial Firms Breached in Cyber Attacks: Report

European Aeronautic Defence and Space Company and ThyssenKrupp Breached, Germany Calls for Mandatory Breach Disclosure

German news magazine The Spiegel reported on Sunday that European Aeronautic Defence and Space Company (EADS) and German Industrial multinational conglomerate ThyssenKrupp, have fallen victim to recent cyber-exploitation attacks.  

A few months ago, an “extraordinary attack” was launched against EADS, according to the report. The Company, however, has remained silent on the topic of any potential damage, but did rate the incident so severe that it alerted the German Federal government about it.

ThyssenKrupp fell victim to an attack in mid 2012, described as “heavy” and of an “exceptional quality”. The Company confirmed the incident to The Spiegel. According to sources, the breach occurred at a US-based subsidiary. The corporation has no knowledge whether anything at all, or anything specific was copied and stolen by attackers. The source addresses of the attacks appeared to be from China, according to the report.

The report also states that the German Federal Agency for Constitutional Protection (Verfassungsschutz) registered 1100 exploitation attacks from foreign intelligence services, the majority of them targeting the Chancellery and Foreign and Economic Ministries using Spear-Phishing attacks.

German security agencies noticed a particular spike leading up to the G20 Summit, targeting the German members of the delegation, according to the Spiegel. The focus of interest appeared to be financial and energy policy related material. The Bundesnachrichten Dienst (BND, the German Foreign Intelligence Agency), is now reportedly planning to create a cyberwar department.

The Spiegel also reports that Germany's Minister of the Interior is now planning a IT Security Bill to implement a regulation requiring breaches and incidents to be reported by businesses, joining the EU commission which also is planning to require mandatory reporting of hacking for about 44,000 companies.

The full article from The Spiegel in German is available here.

Related: Symantec Uncovers Attacks Targeting Defense, Aerospace Execs

Subscribe to the SecurityWeek Email Briefing
view counter
Oliver-Christopher Rochford works for Tenable Network Security and lives in Germany. He has over a decade of Information Security experience garnered from such diverse companies as Integralis, Qualys, Secunia and HP ESS, and has frequently written and and given interviews on the topics of Information and Offensive Security, as well as Cyber-Terrorism and Hacker Culture.