Does the “Operation Aurora” Hack of Google and Other US Companies Change Cybersecurity?

I think that “Operation Aurora,” the hack in 2009 of Google and other companies apparently by the Chinese government is “seminal event” in the world of cybersec. The attackers apparently found their targets via social networks. They used e-mail with a URL. If the target went to the website using Internet Explorer 6 a zero-day vulnerability was used to plant a trojan. The trojan had a unique signature so it was not detected by anti-virus. The attackers were well organized. The message for me is a) if you have something of value, attackers will spend the time and effort to customize their attack, b) Google has some of the most sophisticated cybersec technology available but it was not able to spot a problem, and c) humans are the weakest link in the chain.

Here is a URL from a white paper on “advanced malware exposed” from FireEye which I hope has value for you. It has a good expose on Operation Aurora. http://i.techweb.com/audiencedevelopment/JPS/100/051911/AdvMalwareExposedbyFireEye.pdf

Advertisements

About infoguardianangel
The consumer and corporate information guardian angel. Cybersecurity and privacy advice for my clients (and anyone else who cares about protecting their data or their companies).

Leave a Reply

Fill in your details below or click an icon to log in:

WordPress.com Logo

You are commenting using your WordPress.com account. Log Out / Change )

Twitter picture

You are commenting using your Twitter account. Log Out / Change )

Facebook photo

You are commenting using your Facebook account. Log Out / Change )

Google+ photo

You are commenting using your Google+ account. Log Out / Change )

Connecting to %s

%d bloggers like this: