Explore the latest news and trends  

Sign up for our weekly security newsletter


Be the first to receive important updates on security





Send

100 Organizations Likely Affected in January Google Attack

ISEC Partners Inc, a security research company, states that it is possible that the Chinese hackers, who attacked Google Inc. in January 2010, targeted over 100 organizations, much higher number than earlier predicted.

The security investigators have almost managed to track the anonymous hackers. But during the investigation, these researchers have discovered 68 more alleged command-and-control (C&C) servers that regulated the hacked computers. ISEC also highlighted that Google at first had notified the problem to 30 organizations.

Following the assessment of a single C&C server utilized against Google in January 2010, researchers spotted 34 hacked organizations. Subsequently, once they uncovered 68 more servers it potentially meant that several other organizations were compromised. Alex Stamos, Partner with ISEC Partners, said that the number was more than 100, as reported by PCWorld on February 26, 2010.

One more investigator who knew about the probe also stated on February 26, 2010 that it was evident that several additional organizations were also compromised compared to the previous estimates.

Stamos said that he was conducting forensics operations at some of the affected organizations whose names he refrained from mentioning, as reported by The Wall Street Journal on February 26, 2010. Apparently, Stamos' description of the attack is the same as several other researchers documented. He additionally recommends many preventive measures which organizations can adopt for their networks' protection.

According to security experts, it is believed that the attackers managed to access the organizations' computers through the dispatch of personalized e-mails to employees. These e-mails possibly had installed malware on their systems. This malware, recognized as 'Aurora' in the security community, has been actively utilized for 18 months or more. However, Aurora was not known to the security community until Google found the hack in December 2009.

Rob Lee, Computer Forensics Instructor at the SANS Institute, said that the Google attack wasn't the first such personalized assault. However, it was extremely harmful as it broke in conventional security defenses. According to Lee, the Institute had been tackling such attacks for 5 years and it found mostly all circumventing security measures through e-mail, as reported by PCWorld on February 26, 2010.

Related article: “Loopholes did not cause online banking thefts”: ICBC

» SPAMfighter News - 3/10/2010

3 simple steps to update drivers on your Windows PCSlow PC? Optimize your Slow PC with SLOW-PCfighter!Email Cluttered with Spam? Free Spam Filter!

Dear Reader

We are happy to see you are reading our IT Security News.

We do believe, that the foundation for a good work environment starts with fast, secure and high performing computers. If you agree, then you should take a look at our Business Solutions to Spam Filter & Antivirus for even the latest version of Exchange Servers - your colleagues will appreciate it!

Go back to previous page
Next