Warning: Aurora cyber attack bigger and more consequential than previously reported

by Steven Freeman 2/6/2010 8:31:00 AM

Google announced in January that it had been the target of a “highly sophisticated” and coordinated hack attack, since dubbed Operation Aurora (because files labeled “Aurora” appear in infected machines). Disclosures by Adobe and other companies soon followed and hints were that it was an attack by the Chinese government, an accusation around which the media has coalesced.

Late this week, there were several followups. Wired reported that Google has asked the NSA to help secure its network. The Examiner reports:

The massive Operation Aurora cyber attack last month, apparently launched from command and control server computers in Taiwan, is part of a larger and sustained effort that has been stealing data for years.… Public details about the cyber attack on major corporations in the United States are scanty as the companies try to assess the damage.

The Department of Defense held a conference with top computer security experts last week in St. Louis, Missouri to discuss the problem. One of the participants, Mandiant, a security consulting firm, has released a report on its findings. … “The scale, operation and logistics of conducting these attacks--against the government, commercial and private sectors--indicates they are state-sponsored. The Chinese government may authorize this activity, but there is no way to determine the extent of its involvement. Nonetheless, we have been able to correlate almost every APT [Advanced Persistent Threat] intrusion we have investigated to current events within China.”

But of course, the Chinese government is not alone in being threatened by free and fair distribution of information. One of the few circumspect accounts appears in the (U.K) Guardian, which notes no hard evidence of involvement of the PRC or any agents thereof except for Chinese IP addresses and observes, "attackers could have purchased hosting on those servers or compromised them as well. ... It could be a false-flag attack designed to draw suspicion to China."

Several people in our community have been affected. Sheila Parks, director of the Center for Hand-Counted Paper Ballots, writes:

I got a very bad computer virus this week, even with all my protection. My computer person says they are happening everywhere. I have never had a virus in all my years on computer I am writing to tell you, if you don't already know, that you should not be using Internet Explorer, except in those few cases where you have to.

Tags:

Comments

2/9/2010 9:11:17 AM

this effects IE6 according to news article:

US Intel Chief Paints Dark Picture of Cyberattack Defense ...This attack, which also hit other U.S. companies, was launched through a zero-day flaw in Internet Explorer 6 and is known as "Operation Aurora."
http://www.technewsworld.com/story/69273.html

Of course you can use other web browsers intead of internet explorer to avoid other attacks on newer versions.
I have to use IE because my part time job requires it.

This is further reason to oppose internet voting.

Joyce McCloy

Joyce McCloy