Vulnerabilities / Threats
1/15/2010
05:20 PM
Connect Directly
Google+
LinkedIn
Twitter
RSS
E-Mail
50%
50%

Other Targets In Google Cyber Attack Surface

The U.S. has formally asked Chinese officials for an explanation; China says it welcomes companies that obey the law.

The names of other companies targeted in the cyber attack disclosed by Google earlier this week have started to emerge.

Google reportedly asked the other 33 companies targeted in the attack to come forward.

A Google spokesperson said that while the company provided technical information, that was the extent of its communication to other affected organizations.

Adobe was the first company after Google to acknowledge that it had been targeted. It said on Tuesday that it had learned about "a sophisticated, coordinated attack against corporate network systems managed by Adobe and other companies" at the beginning of the month.

According to an Adobe spokesperson, Adobe decided to come forward on its own.

Web hosting provider Rackspace followed suit in a blog post.

Symantec and Juniper Networks have acknowledged being targeted.

Dow Chemical and Northrop Grumman were also among the targets, according to The Washington Post. Other reports say Yahoo was attacked as well.

A spokesperson for Northrop Gruman declined to comment. Dow Chemical and Yahoo did not respond to requests for comment.

Microsoft on Thursday acknowledged that the cyber attack leveraged an Internet Explorer vulnerability and issued a security advisory. It condemned the attacks and noted that its network and online properties appear not to have been affected.

"At this time, we have no indication that Microsoft's corporate network or our mail properties were attacked as part of these attacks," said Mike Reavey, director of Microsoft Security Response, in an online post on Thursday.

A report in the English-language China Daily noted that Microsoft and HP failed to back Google's move. It includes a quote from Microsoft CEO Steve Ballmer, referring to the incident as "the Google problem."

Following Microsoft's announcement, Verisign iDefense on Friday retracted its claim that the likely attack vector was "malicious PDF file attachments delivered via e-mail."

The U.S. government has formally asked Chinese diplomatic officials for an explanation of the incident.

"We have had a discussion today here in Washington with officials from the Embassy, where we raised the issue," said State Department spokesman P.J. Crowley at Thursday's press briefing. "And as the Secretary said, it is a serious issue. The incident raises questions about both Internet freedom and the security of the Internet in China. And we've asked them for an explanation."

China's Foreign Ministry Spokesperson Jiang Yu in a briefing on Thursday said that "China's Internet is open," and that "China welcomes international Internet corporations to do business in China in line with law."

Asked about reports that U.S. Secretary of State Hillary Clinton said she would seek an explanation, Jiang responded, "if the US contacts us, we will reiterate our position on this issue."

Update: Added Google response.

Comment  | 
Print  | 
More Insights
Register for Dark Reading Newsletters
White Papers
Cartoon
Current Issue
Dark Reading, September 16, 2014
Malicious software is morphing to be more targeted, stealthy, and destructive. Are you prepared to stop it?
Flash Poll
Video
Slideshows
Twitter Feed
Dark Reading - Bug Report
Bug Report
Enterprise Vulnerabilities
From DHS/US-CERT's National Vulnerability Database
CVE-2014-2886
Published: 2014-09-18
GKSu 2.0.2, when sudo-mode is not enabled, uses " (double quote) characters in a gksu-run-helper argument, which allows attackers to execute arbitrary commands in certain situations involving an untrusted substring within this argument, as demonstrated by an untrusted filename encountered during ins...

CVE-2014-4352
Published: 2014-09-18
Address Book in Apple iOS before 8 relies on the hardware UID for its encryption key, which makes it easier for physically proximate attackers to obtain sensitive information by obtaining this UID.

CVE-2014-4353
Published: 2014-09-18
Race condition in iMessage in Apple iOS before 8 allows attackers to obtain sensitive information by leveraging the presence of an attachment after the deletion of its parent (1) iMessage or (2) MMS.

CVE-2014-4354
Published: 2014-09-18
Apple iOS before 8 enables Bluetooth during all upgrade actions, which makes it easier for remote attackers to bypass intended access restrictions via a Bluetooth session.

CVE-2014-4356
Published: 2014-09-18
Apple iOS before 8 does not follow the intended configuration setting for text-message preview on the lock screen, which allows physically proximate attackers to obtain sensitive information by reading this screen.

Best of the Web
Dark Reading Radio