February 25 2010
Intel has revealed in a Securities and Exchange Commission filing that it too was the target of a sophisticated hacking attack in January, around the same time Google complained to China about such cyberassaults.
Intel made a concisely worded disclosure in filing its Form 10-k annual report; publicly-traded companies are requred to disclose any material events that could be reasonably expected to affect stock prices and investors' decisions.
Data thieves running the so-called "Operation Aurora" attack campaign hacked into Google and some 30 other large corporations last December and January.
So was Intel trying to signal that it, too, was one of Operation Aurora's targets? The chip maker has declined to supply details.
Security experts point out that there is a mountain of circumstantial evidence suggesting there may not be any connection at all between the attacks on Intel vs. Google. "It is absolutely possible Intel could have been breached by someone else, given the sheer volume and variety of attacks seen every day," says Eric Olson, vice president of solutions assurance at security firm Cyveillance.
The fact that all corporations are at risk of being swallowed up in by a swelling wave of cyberattacks was highlighted last week after security firm NetWitness grabbed headlines for publicly disclosing the contents of the online storage trove of the low-level Kneber cybergang. Over the course of four weeks, using simple techniques, the Kneber gang amassed 68,000 account logons from 2,400 companies and organizations.
The Kneber gang is one of thousands of individual hackers and cybercrime gangs at work. Many use much more sophisticated tools and tactics.""The actors are hard to enumerate," says Olson. "The variety and sophistication of their methods are incredible, and grossly underestimated."
One measure of the intensifying attacks on corporate networks comes from security firm Damballa, which monitors the activities of some 2,000 botnets embedded deep inside corporate networks. Botnets are comprised of thousands of infected PCs carrying out instructions sent by a criminal controller.
"At any point in time, most large organizations can expect to have over a dozen different botnets operating within their organization," says Gunter Ollmann Damballa's vice president of research. "In many cases the number is much higher, particularly within remote offices, or in or organizations that have a higher proportion of home-office employees."
Ollmann says cybercriminals have been concertedly attacking corporate networks for two to three years, and that it is becoming easier for novices with average computer skills to get in on the action. "The tools for launching and managing such an attack are publicly available, and are generally more advanced that what specialist criminal operators were using only three years ago," he says.
Source:-http://content.usatoday.com
|
|
