X

McAfee: China attacks a 'watershed moment'

The cyberattacks on Google and 30 other companies were the most sophisticated in years, according to the computer security company's CTO.

Steven Musil Night Editor / News
Steven Musil is the night news editor at CNET News. He's been hooked on tech since learning BASIC in the late '70s. When not cleaning up after his daughter and son, Steven can be found pedaling around the San Francisco Bay Area. Before joining CNET in 2000, Steven spent 10 years at various Bay Area newspapers.
Expertise I have more than 30 years' experience in journalism in the heart of the Silicon Valley.
Steven Musil
2 min read

The China-based cyberattacks on Google and other companies were "a watershed moment in cybersecurity," according to an executive at computer security company McAfee.

"I believe this is the largest and most sophisticated cyberattack we have seen in years targeted at specific corporations," McAfee Chief Technology Officer George Kurtz wrote on his blog Sunday. "While the malware was sophisticated, we see lots of attacks that use complex malware combined with zero day exploits."

"What really makes this is a watershed moment in cybersecurity is the targeted and coordinated nature of the attack with the main goal appearing to be to steal core intellectual property," Kurtz said.

Exploit code for a zero-day hole in Microsoft's Internet Explorer, which has been linked to the attacks, has been released on the Internet, McAfee warned on Friday. Microsoft said Thursday it is working on a patch and warned that IE 6, 7, and 8 on all the modern versions of Windows, including Windows 7, are affected by vulnerability.

Kurtz said IE users "face a real and present danger," leading McAfee Labs researchers to create a Web page that offers updates, advice, and product configuration suggestions as they pertain to the vulnerability and the China-based attacks, which organizers referred to as "Operation Aurora."

Google disclosed the attacks targeting it and other U.S. companies on Tuesday and said the attacks originated in China. The company said it discovered the attacks in mid-December and while it did not specifically implicate the Chinese government, it says that as a result of the incidents, it may withdraw from doing business in China.

Source code was stolen from some of more than 30 Silicon Valley companies targeted in the attack, sources said. Adobe Systems has confirmed that it was targeted by an attack, and sources have said Yahoo, Symantec, Juniper Networks, Northrop Grumman, and Dow Chemical also were targets.

See also:
• Behind the China attacks on Google (FAQ)
• Google's challenge in China (roundup)