Malware targeting AutoCAD files could be sign of industrial espionage

Ellen Messmer (Network World)
22 June, 2012 15:28
Comments

Malware written to steal design files made by architects and engineers indicates there’s likely been an industrial cyber-espionage effort underway, says ESET, which discovered malware that steals AutoCAD-based files earlier this year.

Young employees say BYOD a ‘right’ not a ‘privilege’

SLIDESHOW: Worst data breaches of 2012 – so far

ESET malware researcher Pierre-Marc Bureau says the firm captured samples that show the malware, written in the LISP programming language, is “designed to steal sensitive information, such as blueprints” made using AutoCAD software from AutoDesk. Although Peru is where ESET has initially seen this design-stealing malware turn up the most, it’s a global phenomenon, Bureau says. Analysis indicates the malware is sending stolen AutoCAD files to China.

Although ESET captured samples of the computer-aided design-malware back in February, a spike in activity observed around the malware compelled the firm to go back to do more analysis on it. It was learned that the malware was stealing files and mailing them off to what appeared to be a service provider in China. Bureau says ESET contacted the Chinese service provider, Tencent, to shut down the malware’s point of delivery for stolen files, and shared information it gathered with AutoDesk. Anti-virus products that identify the malware would also protect against infections.

Infections are occurring through compromised AutoCAD files, Bureau says. “If you’re exchanging documents with another company, you could get infected.” He says this appears to be a targeted espionage case, perhaps where someone wants to know about what a competitor is doing in a bidding situation, but the malware does seem to be spreading.

Ellen Messmer is senior editor at Network World, an IDG publication and website, where she covers news and technology trends related to information security.

Read more about wide area network in Network World's Wide Area Network section.

"Suggesting that people's "purpose is to get information to flow through the ..."

Why change management doesn’t work
"Darn those pesky laws that get in the way of commercial exploitation ..."

Larry Page wants to see your medical records
"Instead of partitioning the device between corporate and personal data, another approach ..."

Dual-Persona Smartphones Not a BYOD Panacea
"Well that's a nice back-handed compliment isn't it? So now, finally, my ..."

After two-year hiatus, EFF accepts bitcoin donations again
"Actually, both Mobile App developers and CIOs should be blamed for it. ..."

CIOs struggle to deliver timely mobile business apps: survey

Latest Blog Posts

Whitepapers

Bring Your Own Device FAQs
This report covers the frequently asked questions associated with the implications of BYOD devices in the workplace. Any solution in this space needs to be built on simplicity, scalability and security. Click to find out how to address the IT security challenges.

Learn more »
Clearing the Clouds for Midmarket Businesses
Cloud computing promises to help midmarket companies reduce cost and complexity in the IT equation – and gain the flexibility and agility they need to thrive. Yet charting a clear course to the cloud isn’t always easy. In this paper, we aim to clear the clouds. We examine different cloud computing models, discuss the types of requirements that each can best address, and consider what midmarket businesses should look for in a cloud solutions provider.

Learn more »
Managing the Rapid Rise in Database Growth: 2011 IOUG Survey on Database Manageability
As the era of “Big Data” marches on unabated, data is coming from an ever wider range of sources, including transactional systems, mobile devices, sensors, streaming media, and social networks. Businesses are looking for innovative ways to better leverage terabytes—and for some, petabytes—of information. Read more.

Learn more »

All whitepapers

Most Read
Most Commented

Get exclusive access to Invitation only events CIO, reports & analysis.

Latest Jobs

FTQuality ManagerSA
FTTechnical Business AnalystNSW
FTLead Software EngineerSA
FTR&D EngineerSA
FTJob Title: Mac Systems/ Enterprise Systems EngineerNZ
FTFlash / ActionScript Developer - ContractNSW
FTSenior Python DeveloperNSW
FTOS Web Applications DeveloperNSW
FT.NET - Sitecore Developer - Melbourne - PermNSW

Zones

Featured Whitepapers

Devising a Server Protection Strategy with Trend Micro

With so many Information Technology solutions available to choose from today, many organizations put their trust in the experience, insight and advice of Gartner, and their industry-leading analysts. Trend Micro’s ...

Recent comments

"Suggesting that people's "purpose is to get information to flow through the ..."
Why change management doesn’t work
"Darn those pesky laws that get in the way of commercial exploitation ..."
Larry Page wants to see your medical records
"Instead of partitioning the device between corporate and personal data, another approach ..."
Dual-Persona Smartphones Not a BYOD Panacea
"Well that's a nice back-handed compliment isn't it? So now, finally, my ..."
After two-year hiatus, EFF accepts bitcoin donations again
"Actually, both Mobile App developers and CIOs should be blamed for it. ..."
CIOs struggle to deliver timely mobile business apps: survey

Follow CIO

Market Place

Deploying mobility worthwhile challenge hear what CIOs have to say.. Read more

Now out of the office never means out of the loop. Office 365 – your complete office in the cloud.

Australian Breakfast Road Show: Enabling Proactive Security for Tomorrow's Business Trends

Switch on The Symantec Business Critical Virtualisation Content Zone

Latest Jobs

Subscribe to CIO

Critical. Authoritative. Strategic. CIO magazine addresses the issues vital to the success of IT and business executives. Solutions-oriented editorial provides a greater understanding of the role IT plays in achieving corporate goals. Subscribe to the print edition today.

Download OPML file for import with all IDG RSS feeds

CSO Online Data Security Briefing

Malware targeting AutoCAD files could be sign of industrial espionage

Recommended

Commonwealth Bank shifts to activity-based work culture, swanky ...

AusCERT 2013: Deploying BYOD in a government environment

Tapping into social experience: Tourism Australia

Homeless multinationals and taxing decisions

IT sourcing: in or out?

Avoiding your cloud vendor’s success trap

10 Tips for Dealing with a Bully Boss

5 open source help desk apps to watch

How to define the scope of a project

PMBOK vs PRINCE2 vs Agile project management

CenITex to become service “broker”

Opinion: Why national e-health is not for everyone

Dual-Persona Smartphones Not a BYOD Panacea

Larry Page wants to see your medical records

eBay bids on big data challenge

Big Data Gold Isn't Always Where You Would Expect It

Symantec Business Critical Virtualisation Content Zone

BlackBerry Enterprise Service 10 Zone

HP Tech Connect Resource Centre

Devising a Server Protection Strategy with Trend Micro

Enable Flexible Working

NetApp FAS6240 Clustered SAN Champion of Champions

Best Practices for ERP Implementation

Legal Compliance in Electronic Record Keeping