Vulnerabilities / Threats
1/15/2010
05:20 PM
Connect Directly
Google+
LinkedIn
Twitter
RSS
E-Mail
50%
50%

Other Targets In Google Cyber Attack Surface

The U.S. has formally asked Chinese officials for an explanation; China says it welcomes companies that obey the law.

The names of other companies targeted in the cyber attack disclosed by Google earlier this week have started to emerge.

Google reportedly asked the other 33 companies targeted in the attack to come forward.

A Google spokesperson said that while the company provided technical information, that was the extent of its communication to other affected organizations.

Adobe was the first company after Google to acknowledge that it had been targeted. It said on Tuesday that it had learned about "a sophisticated, coordinated attack against corporate network systems managed by Adobe and other companies" at the beginning of the month.

According to an Adobe spokesperson, Adobe decided to come forward on its own.

Web hosting provider Rackspace followed suit in a blog post.

Symantec and Juniper Networks have acknowledged being targeted.

Dow Chemical and Northrop Grumman were also among the targets, according to The Washington Post. Other reports say Yahoo was attacked as well.

A spokesperson for Northrop Gruman declined to comment. Dow Chemical and Yahoo did not respond to requests for comment.

Microsoft on Thursday acknowledged that the cyber attack leveraged an Internet Explorer vulnerability and issued a security advisory. It condemned the attacks and noted that its network and online properties appear not to have been affected.

"At this time, we have no indication that Microsoft's corporate network or our mail properties were attacked as part of these attacks," said Mike Reavey, director of Microsoft Security Response, in an online post on Thursday.

A report in the English-language China Daily noted that Microsoft and HP failed to back Google's move. It includes a quote from Microsoft CEO Steve Ballmer, referring to the incident as "the Google problem."

Following Microsoft's announcement, Verisign iDefense on Friday retracted its claim that the likely attack vector was "malicious PDF file attachments delivered via e-mail."

The U.S. government has formally asked Chinese diplomatic officials for an explanation of the incident.

"We have had a discussion today here in Washington with officials from the Embassy, where we raised the issue," said State Department spokesman P.J. Crowley at Thursday's press briefing. "And as the Secretary said, it is a serious issue. The incident raises questions about both Internet freedom and the security of the Internet in China. And we've asked them for an explanation."

China's Foreign Ministry Spokesperson Jiang Yu in a briefing on Thursday said that "China's Internet is open," and that "China welcomes international Internet corporations to do business in China in line with law."

Asked about reports that U.S. Secretary of State Hillary Clinton said she would seek an explanation, Jiang responded, "if the US contacts us, we will reiterate our position on this issue."

Update: Added Google response.

Comment  | 
Print  | 
More Insights
Register for Dark Reading Newsletters
White Papers
Video
Cartoon
Latest Comment: nice one good
Current Issue
E-Commerce Security: What Every Enterprise Needs to Know
The mainstream use of EMV smartcards in the US has experts predicting an increase in online fraud. Organizations will need to look at new tools and processes for building better breach detection and response capabilities.
Flash Poll
Slideshows
Twitter Feed
Dark Reading - Bug Report
Bug Report
Enterprise Vulnerabilities
From DHS/US-CERT's National Vulnerability Database
CVE-2013-7445
Published: 2015-10-15
The Direct Rendering Manager (DRM) subsystem in the Linux kernel through 4.x mishandles requests for Graphics Execution Manager (GEM) objects, which allows context-dependent attackers to cause a denial of service (memory consumption) via an application that processes graphics data, as demonstrated b...

CVE-2015-4948
Published: 2015-10-15
netstat in IBM AIX 5.3, 6.1, and 7.1 and VIOS 2.2.x, when a fibre channel adapter is used, allows local users to gain privileges via unspecified vectors.

CVE-2015-5660
Published: 2015-10-15
Cross-site request forgery (CSRF) vulnerability in eXtplorer before 2.1.8 allows remote attackers to hijack the authentication of arbitrary users for requests that execute PHP code.

CVE-2015-6003
Published: 2015-10-15
Directory traversal vulnerability in QNAP QTS before 4.1.4 build 0910 and 4.2.x before 4.2.0 RC2 build 0910, when AFP is enabled, allows remote attackers to read or write to arbitrary files by leveraging access to an OS X (1) user or (2) guest account.

CVE-2015-6333
Published: 2015-10-15
Cisco Application Policy Infrastructure Controller (APIC) 1.1j allows local users to gain privileges via vectors involving addition of an SSH key, aka Bug ID CSCuw46076.

Dark Reading Radio
Archived Dark Reading Radio
Join Dark Reading community editor Marilyn Cohodas in a thought-provoking discussion about the evolving role of the CISO.