All the latest UK technology news, reviews and analysis
|
|
|
01 Mar 2011
Emails leaked by the hacking group Anonymous show that Morgan Stanley was one of the institutions attacked in the mass network intrusion dubbed Operation Aurora.
One email from Phil Wallisch, a senior security engineer at HB Gary Federal, said that Morgan Stanley had admitted an attack and other emails refer to internal company documents reporting on the case. A Morgan Stanley spokewoman confirmed to V3.co.uk that intrusions took place but stressed they were limited in scope.
"At the time of the incident over a year ago, Morgan Stanley notified the handful of retail clients who may have been potentially affected by the security breach, as well as its regulators and law enforcement agencies,” the company said in a statement
“Morgan Stanley invests significantly in IT security and manages a robust program to deal with malware and attempted computer compromises. Like any other company in our industry, we deal with these matters in the normal course of conducting business."
Operation Aurora was a series of hacking attacks performed in the second half of 2009 that originated from the Chinese mainland and focused on Western businesses and governments. Google cited the attacks as a strong driver in its decision to withdraw cooperation with the Chinese government.
According to leaked cables from WikiLeaks the attacks were believed by the US State Department to have been ordered by a member of the Chinese politburo. Other reports suggest the attacks might have been more amateurish, but the fact remains they succeeded.
“In all attacks with both Aurora and Night Dragon the goal is espionage,” Dmitri Alperovitch, McAfee’s vice president of threat research, told V3.co.uk.
“Both attacks used custom made toolkits and we haven’t seen them used in any other attacks, or for sale online.”
The Aurora attacks took place a long time ago he stressed, but said that companies are just as vulnerable today to such tactics. The attackers in both cases had specific goals in mind and were persistent enough to be effectively unstoppable.
“They are like a dog with a bone, they keep on trying new tactics to wear down defences,” he said.
“It’s now a question how long it takes them to get in and how quickly you can detect an intrusion once they do.”
Latest stories from Management
Related articles
Related jobs
Poll
Are you confident that the UK's IT infrastructure is secure from attack in the wake of the Flame malware revelations?
Orange and Intel talk us through the ins and outs of their San Diego smartphone
Connect with V3.co.uk
Social networking is almost ubiquitous. This white paper examines the benefits and risks and it looks at the different ways companies can reconcile them
The importance of understanding your infrastructure
Lead/Project Engineer Microsoft VMware SAN Networking...
SENIOR APPLICATION TESTER. Assen, Netherlands. €1k-€1...
Project Manager - Trading Systems - up to £85'000...
SAS Senior Analyst- up to £55,000 Industry: Marketing...
Keep up to date with the latest products, services and technologies from the world's leading IT companies. IThound.com brings you over 2,000 white papers, case studies and analyst reports.
Do you agree?