After the 2009 cyber attack on Google and about 30 other companies, we now see how future cyber attacks might be launched: covertly and in a highly targeted manner. These particular attacks are believed to be linked to the Chinese government and took months to fully execute.
Each piece of malware used in these attacks was specifically designed for the target company to give hackers total access to all of the company’s digital information. These are very sophisticated, highly targeted malware that could quietly invade and compromise a company without ever drawing any attention to itself.
And that’s exactly what this malware did. It laid silently in the background and gathered digital information for over six months. When the malware was finally exposed, companies like Google, Intel, Adobe to Yahoo had been robbed of their source code, industrial secrets and other valuable intellectual property.
“We know intellectual property was compromised. A lot of times it was source code – that’s the core intellectual property for many of these companies… It’s one thing if source code is stolen. In the defense world, there’s concern that source code may have been modified and no one knows about it… That’s one of the biggest areas government is focused on: Could anyone get in and modify systems and use it to their advantage in time of war?” – George Kurtz, chief technology officer of the cybersecurity company McAfee.
Aside from targeting well known Internet and technology companies, these hackers also targeted space, government, and military companies. Obtaining information from these types of companies means that hackers can spy on and steal commercial, government, and military secrets, these Chinese hackers might have also modified the source code so that it won’t work properly when needed, or worse yet, modified in a way that control would be transferred over to the hackers or enemy government in time of war.
There’s also a concern that the hackers could have examined the companies’ source code and discovered unknown vulnerabilities in operating systems, web browsers and other software and could use them against the military or any other computer users.
(Via Defense News)