Intel confirms 'sophisticated' attacks in January

Denies link to Google-China hacks, which used IE6 zero-day to breach networks and steal info

Intel Corp. was targeted by "sophisticated" attacks last month, at about the same time that Google Inc. reported that its network had been breached, allegedly by Chinese hackers.

In its annual report filed Monday with the U.S. Securities and Exchange Commission, Intel confirmed that it had been hit in January.

"We regularly face attempts by others to gain unauthorized access through the Internet to our information technology systems by, for example, masquerading as authorized users or surreptitious introduction of software," read the 10-K filing. "These attempts, which might be the result of industrial or other espionage, or actions by hackers seeking to harm the company, its products, or end users, are sometimes successful. One recent and sophisticated incident occurred in January 2010 around the same time as the recently publicized security incident reported by Google."

Intel did not reveal whether the attacks resulted in intruders accessing or stealing confidential company information. "We treat that information as highly confidential, just as we do about how we handle our defenses," said Intel spokesman Chuck Mulloy today. For its part, Google acknowledged that hackers had stolen data when it broke the news that it and other major Western corporations had been struck with what it called "highly sophisticated and targeted" attacks.

Mulloy denied there was any connection between the attacks against Google and those on his own company. "The timing was coincidental," he said today, claiming that the attempt was added to the 10-K filing to alert investors of a risk to Intel. "This isn't a reflection of any marked increase" in attacks, he said, adding that Intel is regularly targeted by hackers.

Only a few companies have joined Google in admitting that they were hit with attacks that relied on an exploit of a then-unpatched vulnerability in Microsoft Corp.'s Internet Explorer 6. Adobe Systems Inc. was one corporation that stepped forward, while Juniper Networks Inc. and Symantec Corp. said they were investigating suspicious activity on their networks. News accounts at the time reported that Yahoo, Dow Chemical and Northrop Grumman were also attacked.

Although Google has maintained that around 30 companies were hit by Chinese hackers, other researchers have said that their investigations have uncovered a much larger number of victims.

A report last week in The New York Times implicated computers at a pair of Chinese schools; those schools, however, have denied playing any part in the attacks.

Gregg Keizer covers Microsoft, security issues, Apple, Web browsers and general technology breaking news for Computerworld. Follow Gregg on Twitter at @gkeizer or subscribe to Gregg's RSS feed . His e-mail address is gkeizer@ix.netcom.com.

FREE Computerworld Insider Guide: IT Certification Study Tips
Join the discussion
Be the first to comment on this article. Our Commenting Policies