
Re: gene_genome post# 14395

Friday, 01/04/2013 12:51:29 PM

Post# of 29204
{malware attack..I'm not understanding the importance of this..what harm was done?}

This description of how the Watering Hole Attack works is described on Symantec's site in fairly simple terms. An excerpt from the description states that "The threat implements common back door functionality such as uploading, downloading, and executing files."

So, if you had visited the host, in this case, Capstone Turbine, within the time intervals described in the article, and your computer was found to be using Java version 6 and IE 8, a series of cookies, disguised as jpeg files, were placed on the target computer. Another series of actions delivered the "payload" to the target and created a backdoor which provides the attacker complete control of the target computer, which in my mind would be an important issue.

Since Capstone participated in worldwide trade shows, including Rio +20, many of the participants, who obviously communicate and more than likely have their native MS language packs installed (specifically looking for Chinese, Taiwan Chinese, United States English, Russian, Japanese, or Korean), would be prime targets. If you think of the world energy situation in terms of resources, supply, development, etc., this information could be of great use to competitors. Also, negating the wide open nature of the backdoor, I'm sure that there would be other information that counter-parties would like to be privy to, including sales prices to potential customers, although in the total scheme of things this is a minor consideration. Also, the conclusion of the Symantec article would scare off plenty of customers in my mind:
"Conclusion
The use of zero-day exploits in targeted attacks is certainly not a new phenomenon. Many high profile incidents like Hydraq (also known as Aurora), Stuxnet, and Duqu used one or more zero-day exploits to accomplish their goal. As detailed in the Symantec Elderwood Project paper we have seen zero-day usage increasing in such attacks. However, most attackers still use common, publicly available, exploits to carry out their attack. In this particular case, use of a zero-day exploit suggests a high level of sophistication requiring access to resources and skills which would normally be outside most hackers' capabilities."
When you are talking Stuxnet you are talking about taking industrial complexes down.

If potential customers of Capstone Turbine had their computer systems compromised by simply visiting the CSPT website, I personally don't think that leaves a good impression of the company, especially since Capstone was notified of the vulnerability last September. One of Capstone's marketing tools is remote computer monitoring of the field operation of their installed equipment. Again, I don't think news like this will help that effort either.

Of course, all of the above is just my opinion. The details are all out there for all to read and study. Check it out.