By Jim Finkle | Reuters
BOSTON, US, 14 January 2010
Recent sophisticated cyber attacks on Google Inc and other businesses exploited a previously unknown flaw in Microsoft Corp’s Internet Explorer browser.
The weakness in the world’s most widely used browser was identified by security company McAfee Inc, and later confirmed by Microsoft.
Google said on Tuesday that in mid-December, it detected an attack on its corporate infrastructure originating from China that resulted in the theft of its intellectual property. It eventually found that more than 20 other companies had been infiltrated.
McAfee said on Thursday that those who engineered the attacks, in a campaign that the hackers apparently dubbed “Operation Aurora,” tricked employees of the companies into clicking on a link to a website that secretly downloaded sophisticated malicious software onto their PCs.
“We have never seen attacks of this sophistication in the commercial space. We have previously only seen them in the government space,” said Dmitri Alperovitch, a vice president of research with McAfee.
Microsoft later confirmed the flaw, and sent out an advisory to users to help mitigate the problem. It is still working on a patch that would solve it.
“The company has determined that Internet Explorer was one of the vectors used in targeted and sophisticated attacks against Google and other corporate networks,” Microsoft said.
The world’s largest software company said using Internet Explorer in “protected mode” with security settings at “high” would limit the impact of the vulnerability.
“We need to take all cyber attacks, not just this one, seriously,” said Microsoft Chief Executive Steve Ballmer in an interview on CNBC. “We have a whole team of people that responds in very real time to any report that it may have something to do with our software, which we don’t know yet.”
The malicious programs allowed the hackers to take control of the PCs without the knowledge of their users, according to McAfee, which has been researching the matter on behalf of several companies involved in the attacks since late last week.
McAfee’s Alperovitch declined to say which companies had hired McAfee, saying they had signed confidentiality agreements.
So far the only other victim to come forward is design software maker Adobe Systems Inc, which has said that it is still investigating the matter.
Some researchers have speculated that the attackers may have exploited flaws in Adobe’s Acrobat software and its widely used Reader program for opening PDF documents.
McAfee’s researchers said that they found no evidence that was the case.
Still, they said that the hackers may have used other types of malicious software to break into Google and the other companies.
Internet Explorer is vulnerable on all recent versions of the Windows operating system, including Windows 7, according to McAfee. Microsoft said attacks had been limited to IE6, an older version of the application.