Overview
"In what has been dubbed the 'Nitro' attacks, hackers sent phony emails to members of Fortune 100 companies, businesses developing advanced materials for military vehicles, and companies developing manufacturing infrastructure for the chemical industry.[1] The emails contained attachments with a malicious Trojan called PoisonIvy, which ultimately allowed hackers access to other computers in the company workgroup as well as to needed passwords. They could then navigate to the targeted intellectual property, copy the content, and upload the information to servers external to the compromised organization. Because the victimized companies were involved in the research, development, and manufacture of chemicals and advanced materials, it may have initially been unclear whether the attacker was a terrorist attempting to procure chemicals or a hacker seeking corporate secrets. According to Symantec, the purpose of the attacks was likely industrial espionage, and the attackers appear to have been seeking intellectual property, including design documents, formulas, and manufacturing processes, for competitive advantage. The source of the attack was identified as a computer system owned by an individual — dubbed Covert Grove — in China.[2]