Security outfit iDefense Labs has today published a report about the recent attacks on Google and at least 30 other companies; the report details how the attacks were executed and who committed them, and all signs point to the Chinese government.
The report reads: “The source IPs and drop server of the attack correspond to a single foreign entity consisting either of agents of the Chinese state or proxies thereof.”
IDefense Labs also alleges that the attack bears remarkable similarities to another large scale attack that occurred last July. If they are indeed from the same source, it means that China has been waging an information war against many companies for over half a year.
In addition to Google’s Tuesday announcement, Adobe announced yesterday that it discovered on January 2 that it had been the target of a “sophisticated, coordinated attack,” though it did not verify that it was the same that preyed on Google. The attack used a zero day weakness in Adobe Reader to plant malware that was somewhat successful in stealing source code. The malware was distributed by infected PDFs attached to emails sent to specific employees.
McAfee, contrarily, has said that the main vulnerability exploited to compromise the companies was one in Internet Explorer, and not a weakness in Adobe Reader. McAfee is also calling the attacks “Operation Aurora,” suggesting a large coordinated effort, but no companies beyond Google and Adobe have openly admitted a breach at this time.
Articles RSS