GOOGLE IN ATTACK …..
Researchers are busy trying to figure out just how hackers were able to plant malicious code in the corporate networks of Google and at least 20 other companies. That malicious code resulted in the theft of Google’s intellectual property and the attempted access of the Gmail accounts of Chinese human rights activists. It appears that Adobe may also have been hit by that same attack and Bloomberg News reported that Yahoo may have also been a victim. Another estimate said about 34 companies had been impacted but nobody knows at this point just how many companies will suffer from this attack. “I think the final number is going to be much larger than 34 companies,” says George Kurtz, chief technology officer at security firm McAfee.
Security experts are also scrambling to figure out which weaknesses in various software programs hackers were able to target. Typically, software vendors work to shore up their software against possible attacks with fixes known as patches but hackers sometimes discover holes before the software vendor does – a problem known as a zero day vulnerability. “We’ve looked at some of the samples of the [malicious code] and it does look like there’s a cocktail of zero day vulnerabilities,” says Kurtz, who declined to name the software vendors with those weaknesses. Kurtz has seen malicious code that exploits about 7 different weaknesses but he did not say how many of them were previously unknown to software makers.
Yesterday, at about the same time as Google’s announcement, Adobe also said that its network had been attacked. The [Google and Adobe] incidents appear to be related given the timing of the discoveries, but until our investigation is completed we won’t be able to confirm it,” says Jodi Sorensen, senior manager of corporate communications at Adobe.
Yesterday, Adobe also released patches for Adobe Reader and Acrobat zero day vulnerabilities. The timing of those announcements led some researchers to believe that the attack had been started with a targeted e-mail message sent to an employee who might have clicked on a PDF file that then used weaknesses in Adobe Reader to infect a PC with malicious code that then spread into the entire network. Based on discussions with people who were working on the case, Mikko Hyppönen, Chief Research Officer at security firm F-Secure, said he believed that the Adobe Reader vulnerability was one of the problems. Yet, Adobe says that in this particular instance, the company has no evidence at this time to suggest that a weakness in Adobe Reader or any other Adobe technology contributed to the attack. So far, McAfee’s Kurtz says his company has seen other problems but none so far with PDF and Adobe Reader.
General security advice for all users is have a strong password that is changed regularly and includes letters, numbers and symbols.
All security patches should be up-to-date and users should never open attachments unless they know the person they are being sent by and are expecting them.
