HBGary Federal Emails Reveal More Unreported Attacks

Wednesday, March 09, 2011



Emails leaked in the HBGary Federal network breach reveal a spate of high-level attacks targeting leading companies across multiple industries.

The foreign-based attacks appear to be industrial espionage efforts intended to harvest sensitive trade secrets and intellectual property. The majority of the attacks are said to originate in China and Russia.

Democratic Senator Sheldon Whitehouse of Rhode Island said "we are on the losing end of the biggest transfer of wealth through theft and piracy in the history of the planet."

HBGary Federal is one of a handful of security companies hired by large corporations to investigate network security events.

The company was the target of a hacking operation conducted by the hacktivist movement known as Anonymous, which resulted in the release of tens of thousands of company emails.

Among the previously unreported breaches was a successful attack on financial firm Morgan Stanley, a victim of the highly sophisticated Operation Aurora cyber attacks which began in mid-2009.

Operation Aurora targeted dozens of large firms, including DuPont, Adobe, Northrop Grumman, Dow Chemical, and most famously Google.

According to the leaked HBGary Federal emails, DuPont was the target of another attack in 2010 which was not reported to investors or regulators.

Other companies revealed in the emails to have suffered network attacks include Johnson & Johnson, Royal Dutch Shell, General Electric, Exxon, Sony, BP and Walt Disney - to name just a few.

“It appears that every industry is being victimized by intrusions,” said FBI Deputy Assistant Director Steven Chabinsky.

Under U.S. securities law, companies are required to report any information considered to be "material" to investors in regular filings with the Securities and Exchange Commission.

“The companies don’t want to disclose it. They want to just basically eat the harm that was done to them and pretend that all is well,” Senator Whitehouse said.

For more details on the companies and industries revealed to have suffered attacks, see the Bloomberg article here:

Source:  http://www.bloomberg.com/news/2011-03-08/hacking-of-dupont-j-j-ge-were-google-type-attacks-that-weren-t-disclosed.html

Tom Coats: Well I suppose this shows that HBGary did some good work. This Tiger-Team mentality though is their downfall. In this business you better be cleaner than the whitest snow. If they act like teenagers at a rumble they have to expect some bruises. I am not defending Anonymous, but if HBGary and Anonymous are fighting each other perhaps they will leave the rest of us alone.
