Microsoft said on Thursday that a security vulnerability in its Internet Explorer browser was used in cyberattacks that prompted Google to threaten to shut down its operations in China.
Meanwhile, Web security firm MaAfee Inc said the attacks on Google and other companies showed a level of sophistication beyond that of cyber criminals and more typical of a nation-state.
Revealing the attacks on Tuesday, Google said they originated from China and targeted the e-mail accounts of Chinese human rights activists around the world, but did not explicitly accuse the Chinese government of responsibility.
Dmitri Alperovitch, vice president of threat research for McAfee, said that while McAfee had “no proof that the Chinese are behind this particular attack, I think there are indications though that a nation-state is behind it.”
Google said more than 20 other unidentified firms were targeted in the “highly sophisticated” attacks. while other reports have put the number of companies attacked at more than 30.
Google said that following the attacks it had decided to no longer censor its Internet search engine in China and was prepared to close its operations there entirely if it could not reach an agreement with the Chinese authorities.
Only one other company, Adobe, has come forward so far and acknowledged that it was a target of the attacks, which exploited a previously unknown security flaw in Internet Explorer.
“Internet Explorer was one of the vectors used in targeted and sophisticated attacks targeted against Google and other corporate networks,” Mike Reavey, the director of Microsoft’s Security Response Center, said in a blog post on Thursday.
Reavey stressed that Microsoft “has not seen widespread customer impact, rather only targeted and limited attacks exploiting [Internet Explorer 6.]”
Changing security settings to “high” would protect users from the vulnerability, he said.
Microsoft chief executive Steve Ballmer said meanwhile that the US software giant takes cyberattacks “seriously” but has no plans to pull out of China.
“We’ve been quite clear that we’re going to operate in China,” Ballmer told CNBC television. “We’re going to abide by the law.”
“We need to take all cyberattacks seriously, not just this one,” he said.
Alperovitch said the attacks on Google and other companies, which he was not allowed to identify, were unusual in their sophistication.
“We have seen attacks like this before but only in the government space, in the defense-industrial space,” Alperovitch said. “We have never seen that level of sophistication, level of planning and reconnaissance and attention to detail in attacks on commercial entities. Primarily the threat to commercial entities is from cyber-crime individuals after financial data. They’re typically sloppy.”
“This exploit was highly sophisticated,” he said. “It used multiple levels of obfuscation and encryption, more so than in any other types of exploits that we have seen previously.”
Such sophistication is “typically an attribute of a nation-state type of attack — and that’s exactly what we see here,” the McAfee researcher said.
Alperovitch said that the attackers used e-mail or some other lure to get employees of a targeted company to click on a link and visit a specially crafted Web site using Internet Explorer.
“Malware would then be downloaded that has the capability to essentially install a ‘back door’ in the machine,” he said. “This allows the attacker to log into the machine and essentially take it over as if they were sitting at the keyboard manipulating that machine.”
“What that does is it gives the attacker a beachhead into the organization from which point they can start exploring, identifying valuable pieces of data and other vulnerable services,” he said.
NETWORK-MAPPING PROJECT: The database contains 170 detailed files of Taiwanese politicians and about 23 million records of household registration data in Taiwan China has developed a network-mapping project targeting political figures and parties in Taiwan to monitor public opinion during elections and to craft tailored influence campaigns aimed at dividing Taiwanese society, according to documents leaked by Chinese technology firm GoLaxy (中科天璣). The documents, collected by Taipei-based Doublethink Lab, showed a database was specifically created to gather detailed information on Taiwanese political figures, including their political affiliations, job histories, birthplaces, residences, education, religion and a brief biography about them. Several notable Taiwanese politicians are in the database, including President William Lai (賴清德), former president Tsai Ing-wen (蔡英文), Minister of Foreign Affairs Lin Chia-lung (林佳龍),
RECOGNITION: Former Fijian prime minister Mahendra Chaudhry said that Taiwan’s New Southbound Policy serves as a stabilizing force in the Indo-Pacific region Taiwan can lead the unification of the Chinese people, Nobel Peace Prize laureate and former Polish president Lech Walesa said in Taipei yesterday, adding that as the world order is changing, peaceful discussion would find good solutions, and that the use of force and coercion would always fail. Walesa made the remarks during his keynote address at a luncheon of the Yushan Forum in Taipei, titled “Indo-Pacific Partnership Prospects: Taiwan’s Values, Technology and Resilience,” organized by the Taiwan-Asia Exchange Foundation with the Ministry of Foreign Affairs. Walesa said that he had been at the forefront of a big peaceful revolution and “if
North Korea tested nuclear-capable rocket launchers, state media reported yesterday, a day after Seoul detected the launch of about 10 ballistic missiles. The test comes after South Korean and US forces launched their springtime military drills, due to run until Thursday. North Korean leader Kim Jong-un on Saturday oversaw the testing of the multiple rocket launcher system (MRLS), the Korean Central News Agency (KCNA) said. The test involved 12 600mm-caliber ultra-precision multiple rocket launchers and two artillery companies, it said. Kim said the drill gave Pyongyang’s enemies, within the 420km striking range, a sense of “uneasiness” and “a deep understanding
UPGRADED MISSILE: The Chungshan Institute of Science and Technology is reportedly to conduct a live-fire test of the Hsiung Feng III anti-ship missile on Thursday next week The US Army is planning to build new facilities to boost explosives production and strengthen its supply chain, a move aimed at addressing munitions shortages and supporting obligations to partners including Taiwan, Ukraine and Israel, Defense News reported. The army has issued a sources sought notice for a proposed Center of Excellence at the Blue Grass Army Depot in Kentucky, the report said. The facility would serve as a hub within the US industrial base for the production of key military explosives, including research department explosives (RDX) and high melting explosives (HMX), while also supporting research and development of next-generation materials. The proposed
RSS