Chinese hackers have been blamed for two more industrial hacking attacks, this time on Airbus parent company European Aeronautic Defence and Space Company (EADS) and German steel maker ThyssenKrupp.
The attacks, which were said by German newspaper Der Spiegel using unnamed sources to have taken place in 2012, did not cause any damage EADS later said in comments to news agencies.
As a maker of the Eurofighter Typhoon jet, military drones and satellites, the targeting of EADS is not surprising, although an interesting detail remains that ThyssenKrupp believes it was attacked in the US from Chinese IP addresses.
Beyond that, EADS described the attack as “standard” although unconfirmed reports have suggested that the hacking of the steelmaker was more significant.
It would be a notable week if China was not being accused of cyberattacks such is the curent volume of reports.
Last week security consultancy Mandiant made a name for itself by detailing the allegedly systematic nature of the attacks on US organisations by named units of the Chinese People’s Liberation Army (PLA).
This came not long after several US newspapers lost their cool over alleged Chinese attacks on the email system serving their journalists, but the distinguishing feature of Mandiant’s report was its unusual detail.
China has been accused of conducting cyberattacks many times before but using very general language. The key moment that kicked off this first era of fingerpointing was Google’s publicising of the ‘Aurora’ attack that affected it and 30 other US companies in late 2009.
Since then, just beyond the headlines in western countries, there have been a spate of attacks on Japanese companies and Government departments blamed on China, including one on Japan’s Aerospace Exploration Agency (JAXA) in December 2012.
Between 2010 and 2012 these became so numerous it almost stopped being news. Elsewhere, even Norway had to own up to a major attack on its energy sector in 2011, again assumed to have had Chinese involvement.
From general accusations, Mandiant's report could mark the moment when attacks are described more forensically even as company after company owns up to having been on the receiving end of unwanted attention.