Chinese Government Blamed for Cyber-Attacks on Coca-Cola, ArcelorMittal
Coca-Cola Co. was reportedly hacked in 2009 by what the FBI believes to be a state-sponsored attack from China. Other companies such as British energy company BG Group, Luxembourg-based steel maker ArcelorMittal and Chesapeake Energy were also reported as breached by the same cyber-gang.
Identified by security experts as “Comment”, the hacker group is believed to have had access to internal company documents related to Coca Cola’s unsuccessful acquisition of China Huiyuan Juice Group, estimated at around $2.4 billion.
Infiltrating the computer of Paul Etchells, deputy president of Coca-Cola’s Pacific Group, via an email claiming to come from the company’s CEO, a malicious link was served and used to install keyloggers and other malicious applications.
Using an Adobe exploit, hackers also targeted Brenda Lee, a Coca-Cola public affairs executive in China, by sending an email with a maliciously crafted PDF file.
With BG Group, ArcelorMittal, Chesapeake Energy, and Coca-Cola keeping the breaches away from the media, former cyber policy adviser to the U.S. Congress, Jacob Olcott, believes that “companies currently provide little information about material events that occur on their networks,” leaving investors clueless and at a disadvantage in business negotiations.
The cyber-gang is believed to have been responsible for these hacks and acquiring information regarding business investments in China is considered to have been their focus.
Cyber-security experts believe that companies that plan on doing business in China or have Chinese competitors should expect cyber-attacks seeking confidential files and access to company networks.