Microsoft said on Thursday that a security vulnerability in its Internet Explorer browser was used in cyberattacks that prompted Google to threaten to shut down its operations in China.
Meanwhile, Web security firm MaAfee Inc said the attacks on Google and other companies showed a level of sophistication beyond that of cyber criminals and more typical of a nation-state.
Revealing the attacks on Tuesday, Google said they originated from China and targeted the e-mail accounts of Chinese human rights activists around the world, but did not explicitly accuse the Chinese government of responsibility.
Dmitri Alperovitch, vice president of threat research for McAfee, said that while McAfee had “no proof that the Chinese are behind this particular attack, I think there are indications though that a nation-state is behind it.”
Google said more than 20 other unidentified firms were targeted in the “highly sophisticated” attacks. while other reports have put the number of companies attacked at more than 30.
Google said that following the attacks it had decided to no longer censor its Internet search engine in China and was prepared to close its operations there entirely if it could not reach an agreement with the Chinese authorities.
Only one other company, Adobe, has come forward so far and acknowledged that it was a target of the attacks, which exploited a previously unknown security flaw in Internet Explorer.
“Internet Explorer was one of the vectors used in targeted and sophisticated attacks targeted against Google and other corporate networks,” Mike Reavey, the director of Microsoft’s Security Response Center, said in a blog post on Thursday.
Reavey stressed that Microsoft “has not seen widespread customer impact, rather only targeted and limited attacks exploiting [Internet Explorer 6.]”
Changing security settings to “high” would protect users from the vulnerability, he said.
Microsoft chief executive Steve Ballmer said meanwhile that the US software giant takes cyberattacks “seriously” but has no plans to pull out of China.
“We’ve been quite clear that we’re going to operate in China,” Ballmer told CNBC television. “We’re going to abide by the law.”
“We need to take all cyberattacks seriously, not just this one,” he said.
Alperovitch said the attacks on Google and other companies, which he was not allowed to identify, were unusual in their sophistication.
“We have seen attacks like this before but only in the government space, in the defense-industrial space,” Alperovitch said. “We have never seen that level of sophistication, level of planning and reconnaissance and attention to detail in attacks on commercial entities. Primarily the threat to commercial entities is from cyber-crime individuals after financial data. They’re typically sloppy.”
“This exploit was highly sophisticated,” he said. “It used multiple levels of obfuscation and encryption, more so than in any other types of exploits that we have seen previously.”
Such sophistication is “typically an attribute of a nation-state type of attack — and that’s exactly what we see here,” the McAfee researcher said.
Alperovitch said that the attackers used e-mail or some other lure to get employees of a targeted company to click on a link and visit a specially crafted Web site using Internet Explorer.
“Malware would then be downloaded that has the capability to essentially install a ‘back door’ in the machine,” he said. “This allows the attacker to log into the machine and essentially take it over as if they were sitting at the keyboard manipulating that machine.”
“What that does is it gives the attacker a beachhead into the organization from which point they can start exploring, identifying valuable pieces of data and other vulnerable services,” he said.
GLOBAL ISSUE: If China annexes Taiwan, ‘it will not stop its expansion there, as it only becomes stronger and has more force to expand further,’ the president said China’s military and diplomatic expansion is not a sole issue for Taiwan, but one that risks world peace, President William Lai (賴清德) said yesterday, adding that Taiwan would stand with the alliance of democratic countries to preserve peace through deterrence. Lai made the remark in an exclusive interview with the Chinese-language Liberty Times (sister paper of the Taipei Times). “China is strategically pushing forward to change the international order,” Lai said, adding that China established the Asia Infrastructure Investment Bank, launched the Belt and Road Initiative, and pushed for yuan internationalization, because it wants to replace the democratic rules-based international
ECONOMIC BOOST: Should the more than 23 million people eligible for the NT$10,000 handouts spend them the same way as in 2023, GDP could rise 0.5 percent, an official said Universal cash handouts of NT$10,000 (US$330) are to be disbursed late next month at the earliest — including to permanent residents and foreign residents married to Taiwanese — pending legislative approval, the Ministry of Finance said yesterday. The Executive Yuan yesterday approved the Special Act for Strengthening Economic, Social and National Security Resilience in Response to International Circumstances (因應國際情勢強化經濟社會及民生國安韌性特別條例). The NT$550 billion special budget includes NT$236 billion for the cash handouts, plus an additional NT$20 billion set aside as reserve funds, expected to be used to support industries. Handouts might begin one month after the bill is promulgated and would be completed within
Taiwan is projected to lose a working-age population of about 6.67 million people in two waves of retirement in the coming years, as the nation confronts accelerating demographic decline and a shortage of younger workers to take their place, the Ministry of the Interior said. Taiwan experienced its largest baby boom between 1958 and 1966, when the population grew by 3.78 million, followed by a second surge of 2.89 million between 1976 and 1982, ministry data showed. In 2023, the first of those baby boom generations — those born in the late 1950s and early 1960s — began to enter retirement, triggering
The National Development Council (NDC) yesterday unveiled details of new regulations that ease restrictions on foreigners working or living in Taiwan, as part of a bid to attract skilled workers from abroad. The regulations, which could go into effect in the first quarter of next year, stem from amendments to the Act for the Recruitment and Employment of Foreign Professionals (外國專業人才延攬及僱用法) passed by lawmakers on Aug. 29. Students categorized as “overseas compatriots” would be allowed to stay and work in Taiwan in the two years after their graduation without obtaining additional permits, doing away with the evaluation process that is currently required,
RSS