German chemicals giant Bayer confirmed Thursday reports it had suffered a hacking attack, but insisted that so far no data appeared to have been stolen.
The Leverkusen-based group “detected indications of (hacker group) Winnti infections at the beginning of 2018,” a spokesman told AFP, confirming reports by German public broadcasters BR and NDR.
“There is no evidence of data outflow,” he added.
Hackers from the so-called Winnti group, believed to be linked to the Chinese state, were first spotted using malicious software to spy on Bayer’s activities in early 2018 and were present in company networks until late last month, the media reports said.
Bayer said that “in close collaboration with” private cyber security organisation DCSO and police in North Rhine-Westphalia state it had “identified, analysed and cleaned up the affected systems.”
The two public broadcasters reported that state police had declined to comment on the investigation for “tactical reasons”.
For its part, Bayer said that Cologne state prosecutors were looking into the case.
Gerhard Schindler, former head of Germany’s BND foreign intelligence service, told BR that while it was extremely difficult to attribute hacking attacks to any state, spying on German firms was “in line with China’s ambitious economic goals”.
Andreas Rohr of the DCSO — set up by German companies as a joint cyber defence centre — said that given the targets so far chosen by Winnti, “we can assume that there is a very targeted tasking by the Chinese state,” although definite proof was impossible.
Winnti attacks have been discovered at three smaller German firms since the beginning of 2019, BR and NDR reported.
And in 2016, the group’s software was discovered in systems at industrial conglomerate Thyssenkrupp.

More from AFP
- UK Minister Warns Meta Over End-to-End Encryption
- ‘Cybersecurity Incident’ Hits ICC
- China Says No Law Banning iPhone Use in Govt Agencies
- Spies, Hackers, Informants: How China Snoops on the West
- Meta Fights Sprawling Chinese ‘Spamouflage’ Operation
- Two Men Arrested Following Poland Railway Hacking
- UK Court Concludes Teenager Behind Huge Hacking Campaign
- Suspected N. Korean Hackers Target S. Korea-US Drills
Latest News
- In Other News: New Analysis of Snowden Files, Yubico Goes Public, Election Hacking
- China’s Offensive Cyber Operations in Africa Support Soft Power Efforts
- Air Canada Says Employee Information Accessed in Cyberattack
- BIND Updates Patch Two High-Severity DoS Vulnerabilities
- Faster Patching Pace Validates CISA’s KEV Catalog Initiative
- SANS Survey Shows Drop in 2023 ICS/OT Security Budgets
- Apple Patches 3 Zero-Days Likely Exploited by Spyware Vendor to Hack iPhones
- New ‘Sandman’ APT Group Hitting Telcos With Rare LuaJIT Malware
