McAfee: China attacks a 'watershed moment'

The China-based cyberattacks on Google and other companies were "a watershed moment in cybersecurity," according to an executive at computer security company McAfee.

"I believe this is the largest and most sophisticated cyberattack we have seen in years targeted at specific corporations," McAfee Chief Technology Officer George Kurtz wrote on his blog Sunday. "While the malware was sophisticated, we see lots of attacks that use complex malware combined with zero day exploits."

"What really makes this is a watershed moment in cybersecurity is the targeted and coordinated nature of the attack with the main goal appearing to be to steal core intellectual property," Kurtz said.

Exploit code for a zero-day hole in Microsoft's Internet Explorer, which has been linked to the attacks, has been released on the Internet, McAfee warned on Friday. Microsoft said Thursday it is working on a patch and warned that IE 6, 7, and 8 on all the modern versions of Windows, including Windows 7, are affected by vulnerability.

Kurtz said IE users "face a real and present danger," leading McAfee Labs researchers to create a Web page that offers updates, advice, and product configuration suggestions as they pertain to the vulnerability and the China-based attacks, which organizers referred to as "Operation Aurora."

Google disclosed the attacks targeting it and other U.S. companies on Tuesday and said the attacks originated in China. The company said it discovered the attacks in mid-December and while it did not specifically implicate the Chinese government, it says that as a result of the incidents, it may withdraw from doing business in China.

Source code was stolen from some of more than 30 Silicon Valley companies targeted in the attack, sources said. Adobe Systems has confirmed that it was targeted by an attack, and sources have said Yahoo, Symantec, Juniper Networks, Northrop Grumman, and Dow Chemical also were targets.

See also:
• Behind the China attacks on Google (FAQ)
• Google's challenge in China (roundup)

[n3td3v]

CNET stop this biased reporting that plays lip service to the cyber security industry who are in desperate need for new revenue vectors and have been desperate to ratchet up cyber security as a national security agenda for a while, there would be nothing better for them than cyber war and cyber terrorism to kick off.

So in your quest in not being a biased news organisation, can you start inserting quotes like this into your articles:

One analyst said Friday that he is not sure the attacks point to the Chinese government. Rob Knake, a cybersecurity expert with the Council on Foreign Relations, said his analysis of results from a technology firm investigating the attacks suggests that they "were not state-sponsored or the work of an elite, sophisticated group such as the Chinese military."

http://www.washingtonpost.com/wp-dyn/content/article/2010/01/15/AR2010011503321.html

[m1121]

This is news diversity. No one will ever know who is right so let the people decide for themselves. Cnet can report what you deem as biased and washington post can report who is deemed pro-east (by specifically stating "were not state-sponsored or the work of an elite, sophisticated group such as the Chinese military."). Come on, at the end of the day, if you want, you can even tag agenda behind every acts even from the most innocent.

[typeA911]

It shud be unlawfull for idiots like u to own an computer.

[Angry CPU]

You are wrong I must say. I work in the security field and we are short of people that are qualified to protect our digital assets. This country is attacked "cyber" wise daily; I will call it "pounded. To make a long story short, the majority of attacks are coming from China, not just corporations but also the average Internet users that become infected, the source of the malware is also from China, and the numbers don't lie. I also was told by a high ranking military person ?that we have no problem fighting a physical war any place any time, but what I do fear is a cyber-war. I don't think we are ready for a cyber-war and it?s by far the most significant source of threat we face today.?

[n3td3v]

"You are wrong I must say. I work in the security field and we are short of people that are qualified to protect our digital assets."

Ya and cyber war would create more jobs and money for the cyber security industry, hence why they are hungry for cyber war to kick off, because old revenue vectors such as ones from viruses and worms are drying up because the traditional hackers aren't motivated anymore and only care about selling their zero-day exploits to ZDI and iDefense and /or/ the underground.

Nobody is saying the threat isn't real, what im saying is its being artificially ramped up and exaggerated, just like 'Saddam could launch a nuke on UK interests within 45-minutes', we must go in right away and invade.

[Smorgan06]

Come on people it says in the article that the attack was from china and attacked over 30 US companies now think what the hell has enough assets to do so an attack and heck the Chinese people can't really in my mind generate such a complicated hack that is basically the same source code wise for that many United States corporations so the only thing thats left in the country is the Chinese government.

[JasonAker]

Enjoy that tinfoil hat n3td3v. A single quote expressing doubt is not enough to prove a case.

[pugster]

I agree. China did it because Chinese government is 'sophisticated' enough to do this. You mean some US, UK, or some Russian hack can't do this? I think I was more convinced when Colin Powell came into UN council and made an elaborate presentation that Iraq has trying to acquire uranium.

[chunguodiunay]

n3td3v:
Its a member of the ??? - sorry,we caught on to your tricks.
Its interesting to note from your remark that you don't deny that the attack came from China, only that it has hasn't been definitely identified as having come from a confirmed Chinese governmental agency/agent. However, its just a matter of time. Several other sources, from the BBC,NY Times and others, are now reporting that there is very strong evidence of Chinese government involvement in these attacks. The US State Department is demanding an answer from China,nd so far, there is no reply. This has now become a diplomatic matter and rightly so.

[krypter]

n3td3v is obivously a paid-off stooge working for the Chinese government to spread confusion and lies on any site that criticizes the Chinese government. It's well known that the PRC hires propagandists by the tens of thousands to batter its opponents in online forums, and n3td3v is just another one of these goons.

[Cman666]

How big is your paycheck from the chinese "government". Why do you defend them so much? You sound like a moron! china is as corrupt as your logic.

[t8]

WARNING!
Use Internet Explorer at your own risk.

Most IT savvy people have switched browsers, the masses need to as well.

[cbscowards]

Microsoft should do the world a favor and issue a mandatory update that deletes IE from your PC.

[richto]

To what? Firefox for instance had over 100 vulnerabilities in the last year compared to only 30 in all version of IE.

[Renegade Knight]

@richto

Fair question.

[ramshanmugam]

that does it
I am never hiring a chinese engineer in the future

[m1121]

Hey with the lure of money, people of all races can commit business espionage. where does the word traitor ever become obsolete? xenophobia seems to be getting more popular these days? What if someone implicates the whole of Asia?

[jamaan--2008]

@m1121

I think his comment was supposed to be sarcasm

[Otto Holland]

Yeah "t8" I have used Internet Explorer all these years since Netscape lost the thrown and has not had a problem...not even once. Yes, I am in IT and I prefer IE than the others. Fact is, you use what you want and I don't see a need to tell people what they should use.

Your term "IT savvy" means nothing; are you IT savvy? most likely not!

[brienza1975]

"Yeah "t8" I have used Internet Explorer all these years since Netscape lost the thrown "--Obviously you aren't too savvy with the grammar either!!!!!

[cbscowards]

Then you obviously don't develop for the web. If you have not had a problem with IE, it is because the developers of the sites you visit are taking the extra time to work around the IE bugs. I deal with this on a daily basis and it sucks. IE is driving up the cost of web development because MS either doesn't care about standards or is too incompetent to write code that follows them.

[monkeyfun14]

@brienza

When you have no other points attack their grammar.

[MeepMan]

There were too many mistakes... He just picked the most blatant one. By the way, Netscape is back, and it's called Firefox. Netscape spawned the Mozilla project, which in turn spawned Firefox. Suggestion: switch back. The history lesson was to make you feel better about it.

[t8]

I develop web sites and IE is the biggest pain in the butt.
All the other browsers do what they are suppose to.
If people stopped using IE, the Web would be able to advance faster.

[mb36sr]

WOW. All you can say is that it's internet explorers fault. Grow up. It's just a matter of time before they pick another browser or another avenue. We need to cut off as many ties with China as possable, they are not our friends. It's as plain as day.

[n3td3v]

They have no reason to be friends with U.S and other countries are only friends with U.S for economic reasons not because America is liked.

It's America who needs China not China who needs U.S.

An American software manufacturer leaves a bug in its browser software that allowed an American search company to get broken into and have intellectual property stolen by *unknown* attackers.

Then U.S go crying to the media that the Chinese government hacked into Google with no evidence and from what everyone can see was failures of Microsoft not having secure software and Google not having adequate security to detect and prevent attacks.

A U.S born problem here so the only people who should be getting fingers pointed at is Microsoft and Google.

Look at the end of the day it doesn't matter who the attackers were, an attack is an attack and it shouldn've been prevented by U.S companies.

What use is it complaining to China in a U.S State Department press speech on Thursday?

China's just going to repeat what i've just said, all the Chinese government can do is tell Google and Microsoft to get serious about cyber security to stop *unknown* attackers breaking in.

All fingers point back to U.S on this one, even the conspiracy theories about who *actually* has been doing the hacking.

[Hokulea]

@n3td3v

You are either misinformed, uninformed, or just plain ignorant.

China is the world's largest exporter primarily because of American consumerism. Not to mention the considerable capital outlay by US and foreign firms in modernizing production lines within China. Very little of what China produces for export is invented there. It's just made there to maximize profits for companies located elsewhere in the world.

If you would bother to read the numerous reports on Internet security that have been released by both industry and private sources you would be much more informed regarding trends in attack vectors. Additionally, a little time spent browsing known vulnerabilities on Secunia's website might surprise you. Currently, Secunia lists 6 advisories and 48 vulnerabilities for Firefox 3.5, 4 advisories and 15 vulnerabilities for Safari, 3 advisories and 4 vulnerabilities for Google Chrome 3.x, and 8 advisories and 23 vulnerabilities in IE8. For 2009, Firefox had the most vulnerabilities regarding browser applications.

Further reading on Secunia's site should educate you to the simple fact that there are bugs in every piece of software out there.

All fingers do not "point back to the US on this one". As the New York Times reported on Jan 15, Google engineers gained access to a server in Taiwan suspected of being the source of the attacks. "...much of the evidence, including the sophistication of the attacks, strongly suggests an operation run by Chinese government agencies, or at least approved by them..."

Perhaps you didn't hear of the "GhostNet" operation uncovered last year. I suggest you do an online search for an International Herald Tribune article titled "Vast spy system loots computers in 103 countries". From the article: "...researchers said that the system was being controlled from computers based almost exclusively in China..."

Considering that the Chinese have tremendous capabilities regarding Internet snooping, it is highly unlikely that the Chinese government does not have explicit or implicit information regarding who is behind these attacks. Just do an online search using the string "Cisco Systems Policenet China".

[phail_saph]

@n3td3v...you are clearly a 'netizen' at work not just suppressing the truth in China but over here now. Unbelievable!! I can't believe that you actually said that we need China more than it needs us. They steal our technology and know how. The thief needs the law abiding citizen more than the citizen needs the thief...in fact the law abiding citizen doesn't need the thief at ALL...dumb*ss.

China is wants nothing to do with our way of life; they suppress their own people and now want to suppress us. The sooner we take head the better we will all be. This is just like dealing with Germany. The sooner the better or else you are going to have a hell of a war.

[MeepMan]

@ Hokulea
He could be Chinese, but I don't know that. I just know that China is a horror to its own people.

@n3td3v
Once they grow up in their treatment of themselves, then I'll respect their lack of need for us. They need our market. As the USA, we need to just cut off imports AND World Wide Web access directly to USA/North America. Then, we'll see how much they do or don't need us. Or, just cut off USA internet access.

[t3chm4ast3r]

I agree w/ Otto Holland. If you are "tech savvy" you should be able to optimize, control, secure, and use internet explorer. On another note, read Oreilly - Inside Cyber Warfare, its new. It has insight on cyber terrorism including the group of 30,000 Chinese bent on destruction of American systems. 30,000 people is a lot, 30,000 people bent on doing destruction, you know bad things are going to happen... and if they are pushed by a massive corrupt government. People be weary, cyberterrorism and technocapitalism are just in their beginning chapters but are growing faster.

[Fatesrider]

I believe the point is that most people are not "Tech Savvy" and do not have the expertise to optimize, control and secure IE. The failure is, as usual in security, at the user end. Users will go and play with settings so they can download their favorite clip, go to their favorite sites or do some other action which ultimately leads to the compromise of the software. To prevent them from doing this cuts into productivity (especially with IE) or costs far more in security upkeep than having the browser is worth.

Security experts need to identify the major threats to their systems and choose the programs which, out of the box, require the fewest tweaks to be made relatively safe given the user's network environment if they want to remain cost effective. Find me a business which has an IT department spending money on security without a proven threat to them and I'll show you a company which is preparing to fire its CTO. Businesses always lock the door after the horse is stolen.

But with IE, the door remains unlocked and open most of the time because it's the most common door out there. Diversify the variety of browsers being used and you increase the complexity of attacks necessary to breach them - driving up the cost (at least in time, if nothing else) of devising cyber attacks. The bigger the target, the more people who will try to hit it.

So, for security experts, diversify the browsers you have in your company. The up-cost for diversification will be offset by the savings a security breach could cause, and minimizes the ability of someone to hack sensitive systems.

Just a thought...

[cardshoot]

It doesn't matter which browser you use if there are a thousand knowlegable people or more for each browser dedicated to finding and exploiting any vulnerability in their codes. Just look back at the list in Hokulea's post. With that many problems with all the browsers, regardless of what you use you are vulnerable. We need some landmine programs so that when an attack occurs the landmine file wipes out the attacking computer's hard drive. One could hardly complain that their computer was damaged because they were trying to steal information from someone else's computer.

[play7]

"by t8 January 17, 2010 3:56 PM PST
WARNING!
Use Internet Explorer at your own risk.

Most IT savvy people have switched browsers, the masses need to as well."


Sweety it doesnt matter what you use they get around it ...................

[ntwrkd]

So why are people still using IE?

[muskratboy]

because people are freaking stupid. it's what comes with their computers, and they never think of it again.

i'd drag anyone still using IE6 (you know who you are) out into the street and shoot them... chinese style.

[richto]

Because it has a much better security record than the closest competitor (Firefox)

[Mallardd]

Your understanding of Windows seems to be about as advanced as your spelling. This IS an issue with Internet Explorer and not another browser. Microsoft chose to integrate that browser into Windows in a in such a way that makes such exploits possible.

[MeepMan]

Note that it uses scripts that shouldn't be used, and has permission to folders and places the user shouldn't be allowed to touch.

[richto]

"Note that it uses scripts that shouldn't be used, and has permission to folders and places the user shouldn't be allowed to touch."

Note that it actually has at most the same rights as the user running it, so your comment is garbage.

[NatalieT111]

The West makes, the East takes. . . Imagine if one day the world went to war, and seized all of the stolen property and due assets found in China.

[MeepMan]

Too much processing to be due the effort.....

[partman]

Racist as this might seem, it is very true you can complain about American marketed software and all its security issues but about 90% of the world uses Windows. Time to quit your complaining and become innovators of better software. If it wasn't for marketing of cheaper and inferior copies of existing goods where would China be?? If patent laws were enforced and American executives unwilling to pay American labor were taken to task China would probably still be farming rice. Walmarts are the biggest terrorists on American soil !!!!

[rdupuy11]

imagine if we had to make our own dvd player.

[Mikethefox]

Hackers attack the products most in use. Right now that is IE & Windows. I use FF but you just wait...there will be zero day attacks on Firefox one of these days. If Linux and Mozilla products were used in 80% of computers they would be prime targets. I'm not saying Microsoft is perfect or they haven't made mistakes but not looking at the whole picture just shows pure ignorance.

[cristate67]

Agreed. I'm not a huge MS fan and I hate IE (try to write a web page that works in all browsers and you will join me there), but they are the ones most often breached because they are the ones most widely used. So attackers know that the resources put into creating an attack will get the biggest payoff when directed at those targets.
And I direct this comment to all the mac fanboys out there. You aren't inherently safer, it's just that no one has gone to the effort to come after you. Yet.

[i-arman]

I agree with the initial statement, but there are a few benefits to non-Microsoft programs.

First, Microsoft has proven itself time and again to be horribly slow to patch anything. It doesn't matter if it's a zero-day attack when it takes months to patch the hole. Firefox might not be perfect, but it has a lot better track record of getting important fixes done quickly. Same with most Linux distros.

However, a better point is that even if Linx were on 80% of the computers, there still wouldn't be a vast majority of any given operating system. If you look, there are maybe four or five versions of Windows in use (XP, Vista, 7, and a couple server 200x versions), and those all use the same basic programs. Linux, however, is spread over dozens or even hundreds of versions. Each flavor compiles its kernel a little differently, and each runs different default programs. No two distros use the same versions of anything, and in Linux, versions mean a lot more than in Windows. Even apart from that, the security in a little-modified Linux system is better than that of a little-modified Windows system. Not perfect, mind you - just better.

I think I'd rather take my chances with hackers attacking Linux and Firefox than Windows and IE...

[phail_saph]

@n3td3v...you are clearly a 'netizen'. It isn't enough that you guys suppress thought in your own country but now you want to do so here. Unbelievable. Every time there is a Chinese topic the Chinese thought police are here to tell us how to think instead of letting the truth be expressed.

The thief needs the law abiding citizen not the other way around. Take your demented logic back home and suppress your own people.

China needs the US more than we need them. Not the other way around like you seem to believe. The proof: they are the thieves because they cannot create and so must steal IP and know how when factories build there. They think they are something because nobody is doing anything to stop their wholesale theft. They have the pride of the bully. They equate cheating with progress, the exact perspective that a socialist mind would take when grappling with Capitalism. The sooner we realize that this relationship with China is leading to nowhere the better. Just like WW2 Germany, stop them now or there is going to be a nightmare war in the future.

[cyberspittle]

China good people. Seek only cookie direction.

[MeepMan]

China good people. Seek only other people's cookies. Exactly right. Now go home.

[Protect_America]

Lets see they have poisoned are dog food, toothpaste, baby formula, wallboard, children?s toys and jewelry with lead and most recently jewelry with cadmium, just to name a few. Why are we surprised they would attack our Corporations, this seems mild compared to there history. It doesn?t matter if the government backs it; they do nothing to stop it.

[TX-Sunset]

yea, because there are NEVER and U.S. corporations that have recalls on products. No U.S. car mfgs or U.S. products have ever been release that are dangerous for people. There has never been any bad meat or echoli infected produce distributed in the U.S.

Oh, and in your first sentace it is "our" not "are"

[partman]

TX-Sunset needs to understand the difference between malicious poisoning and inferior shoddy workmanship as opposed to accidental negligence in produced goods. I believe some chinese were foung guilty of crimes and even paid with their lives for malicious behavior in their manufacturing. Most American companies are far to concerned with arbitration to manufacture such garbage.

[Lerianis4]

The best thing that people could do is to punish China in the wallet by not buying anything made in China.... but wait, that isn't going to work because Americans can only have the lives that we have because of the things made in China.
We are in the worst kind of a Catch-22 situation, where we cannot do anything to get out of it.

[mesonto]

Google was using IE??? How ironic, guess they don't use Chrome themselves. Think I will switch back to IE now that I know Google doesn't trust their own browser technology.

[SteveMcQwark]

??? Get out from under your rock.

1) The IE exploit was largely responsible for accessing the accounts of GMail customers, from their own computers (since they couldn't get enough through Google's security)

2) Google is a software engineering firm. They develop a myriad of web apps. These apps need to be tested and tweaked for IE, the most common browser available, due to its large default install base. To suggest that Google using a competitors browser on any number of their machines somehow implies their own browser's inferiority is really ludicrous.

[chrobrego-2009]

I don't ever want to buy another 'made in china' product ever again? Let's kick China out of the WTO and start demanding that they behave like good neighbors before we do any more trade with them.

[ncr7002]

Did you know that the US owes China over 800 billion dollars in US Treasury bonds making the PRC the US largest creditor ? And apparently you owe Japan another 750 billion dollars, Hong Kong 130 billion, and so on. And that is just the public debt, not involving the private sector.. so will it be cash or check when you decide on your own to kick China out of the WTO ? not that you could though.

[partman]

In regards to ncr7002 and his comments to debt. If the patent dispute laws and all the people and pets hurt by inferior Chinese produced goods were compensated for their woes. the debt would probably be somewhat reduced.

[The_happy_switcher]

"... including Windows 7, are affected by vulnerability." As usual, Windows continues to provide a consistent user experience.

[Endbringer]

Isn't it the browser, not the OS causing the problem?

[kneehow]

And the CCTV news here is that Google steals the intellectual property rights of Chinese authors, AND that the law of the US permits it. Sounds like a justification for what is being done though they deny doing it.

[luke_marsh]

Let them have the information. It's not like those lousy companies have that good a minds anyway besides which they should be doing more creative work not bullying the world anyway.
A good Defence is a good defence, all these guys seem to care about is offensive scare mongering and keeping the pockets of all the wrong people lined.

[cristate67]

Ok, I usually don't complain about peoples grammar. But I have no idea what you're trying to say.

[FugCnet]

luke be kindergarten dropout...