McAfee: China attacks a ‘watershed moment’

by Steven Musil
CNET News
January 17, 2010

The China-based cyber attacks on Google and other companies were “a watershed moment in cybersecurity,” according to an executive at computer security company McAfee.

“I believe this is the largest and most sophisticated cyberattack we have seen in years targeted at specific corporations,” McAfee Chief Technology Officer George Kurtz wrote on his blog Sunday. “While the malware was sophisticated, we see lots of attacks that use complex malware combined with zero day exploits.”

“What really makes this is a watershed moment in cybersecurity is the targeted and coordinated nature of the attack with the main goal appearing to be to steal core intellectual property,” Kurtz said.

Exploit code for a zero-day hole in Microsoft’s Internet Explorer, which has been linked to the attacks, has been released on the Internet, McAfee warned on Friday. Microsoft said Thursday it is working on a patch and warned that IE 6, 7, and 8 on all the modern versions of Windows, including Windows 7, are affected by vulnerability.

Kurtz said IE users “face a real and present danger,” leading McAfee Labs researchers to create a Web page that offers updates, advice, and product configuration suggestions as they pertain to the vulnerability and the China-based attacks, which organizers referred to as “Operation Aurora.”

Google disclosed the attacks targeting it and other U.S. companies on Tuesday and said the attacks originated in China. The company said it discovered the attacks in mid-December and while it did not specifically implicate the Chinese government, it says that as a result of the incidents, it may withdraw from doing business in China.

Source code was stolen from some of more than 30 Silicon Valley companies targeted in the attack, sources said.

The article continues at CNET.com

Comments are closed.