Vulnerabilities / Threats
1/15/2010
05:20 PM
Connect Directly
LinkedIn
Twitter
Google+
RSS
E-Mail
50%
50%

Other Targets In Google Cyber Attack Surface

The U.S. has formally asked Chinese officials for an explanation; China says it welcomes companies that obey the law.

The names of other companies targeted in the cyber attack disclosed by Google earlier this week have started to emerge.

Google reportedly asked the other 33 companies targeted in the attack to come forward.

A Google spokesperson said that while the company provided technical information, that was the extent of its communication to other affected organizations.

Adobe was the first company after Google to acknowledge that it had been targeted. It said on Tuesday that it had learned about "a sophisticated, coordinated attack against corporate network systems managed by Adobe and other companies" at the beginning of the month.

According to an Adobe spokesperson, Adobe decided to come forward on its own.

Web hosting provider Rackspace followed suit in a blog post.

Symantec and Juniper Networks have acknowledged being targeted.

Dow Chemical and Northrop Grumman were also among the targets, according to The Washington Post. Other reports say Yahoo was attacked as well.

A spokesperson for Northrop Gruman declined to comment. Dow Chemical and Yahoo did not respond to requests for comment.

Microsoft on Thursday acknowledged that the cyber attack leveraged an Internet Explorer vulnerability and issued a security advisory. It condemned the attacks and noted that its network and online properties appear not to have been affected.

"At this time, we have no indication that Microsoft's corporate network or our mail properties were attacked as part of these attacks," said Mike Reavey, director of Microsoft Security Response, in an online post on Thursday.

A report in the English-language China Daily noted that Microsoft and HP failed to back Google's move. It includes a quote from Microsoft CEO Steve Ballmer, referring to the incident as "the Google problem."

Following Microsoft's announcement, Verisign iDefense on Friday retracted its claim that the likely attack vector was "malicious PDF file attachments delivered via e-mail."

The U.S. government has formally asked Chinese diplomatic officials for an explanation of the incident.

"We have had a discussion today here in Washington with officials from the Embassy, where we raised the issue," said State Department spokesman P.J. Crowley at Thursday's press briefing. "And as the Secretary said, it is a serious issue. The incident raises questions about both Internet freedom and the security of the Internet in China. And we've asked them for an explanation."

China's Foreign Ministry Spokesperson Jiang Yu in a briefing on Thursday said that "China's Internet is open," and that "China welcomes international Internet corporations to do business in China in line with law."

Asked about reports that U.S. Secretary of State Hillary Clinton said she would seek an explanation, Jiang responded, "if the US contacts us, we will reiterate our position on this issue."

Update: Added Google response.

Comment  | 
Print  | 
More Insights
Register for Dark Reading Newsletters
White Papers
Flash Poll
Current Issue
Cartoon
Video
Slideshows
Twitter Feed
Dark Reading - Bug Report
Bug Report
Enterprise Vulnerabilities
From DHS/US-CERT's National Vulnerability Database
CVE-2014-0761
Published: 2014-08-27
The DNP3 driver in CG Automation ePAQ-9410 Substation Gateway allows remote attackers to cause a denial of service (infinite loop or process crash) via a crafted TCP packet.

CVE-2014-0762
Published: 2014-08-27
The DNP3 driver in CG Automation ePAQ-9410 Substation Gateway allows physically proximate attackers to cause a denial of service (infinite loop or process crash) via crafted input over a serial line.

CVE-2014-2380
Published: 2014-08-27
Schneider Electric Wonderware Information Server (WIS) Portal 4.0 SP1 through 5.5 uses weak encryption, which allows remote attackers to obtain sensitive information by reading a credential file.

CVE-2014-2381
Published: 2014-08-27
Schneider Electric Wonderware Information Server (WIS) Portal 4.0 SP1 through 5.5 uses weak encryption, which allows local users to obtain sensitive information by reading a credential file.

CVE-2014-3344
Published: 2014-08-27
Multiple cross-site scripting (XSS) vulnerabilities in the web framework in Cisco Transport Gateway for Smart Call Home (aka TG-SCH or Transport Gateway Installation Software) 4.0 allow remote attackers to inject arbitrary web script or HTML via unspecified parameters, aka Bug IDs CSCuq31129, CSCuq3...

Best of the Web
Dark Reading Radio
Archived Dark Reading Radio
This episode of Dark Reading Radio looks at infosec security from the big enterprise POV with interviews featuring Ron Plesco, Cyber Investigations, Intelligence & Analytics at KPMG; and Chris Inglis & Chris Bell of Securonix.