Intel confirms 'sophisticated' attacks in January
Denies link to Google-China hacks, which used IE6 zero-day to breach networks and steal info
Computerworld - Intel Corp. was targeted by "sophisticated" attacks last month, at about the same time that Google Inc. reported that its network had been breached, allegedly by Chinese hackers.
"We regularly face attempts by others to gain unauthorized access through the Internet to our information technology systems by, for example, masquerading as authorized users or surreptitious introduction of software," read the 10-K filing. "These attempts, which might be the result of industrial or other espionage, or actions by hackers seeking to harm the company, its products, or end users, are sometimes successful. One recent and sophisticated incident occurred in January 2010 around the same time as the recently publicized security incident reported by Google."
Intel did not reveal whether the attacks resulted in intruders accessing or stealing confidential company information. "We treat that information as highly confidential, just as we do about how we handle our defenses," said Intel spokesman Chuck Mulloy today. For its part, Google acknowledged that hackers had stolen data when it broke the news that it and other major Western corporations had been struck with what it called "highly sophisticated and targeted" attacks.
Mulloy denied there was any connection between the attacks against Google and those on his own company. "The timing was coincidental," he said today, claiming that the attempt was added to the 10-K filing to alert investors of a risk to Intel. "This isn't a reflection of any marked increase" in attacks, he said, adding that Intel is regularly targeted by hackers.
Only a few companies have joined Google in admitting that they were hit with attacks that relied on an exploit of a then-unpatched vulnerability in Microsoft Corp.'s Internet Explorer 6. Adobe Systems Inc. was one corporation that stepped forward, while Juniper Networks Inc. and Symantec Corp. said they were investigating suspicious activity on their networks. News accounts at the time reported that Yahoo, Dow Chemical and Northrop Grumman were also attacked.
Although Google has maintained that around 30 companies were hit by Chinese hackers, other researchers have said that their investigations have uncovered a much larger number of victims.
Gregg Keizer covers Microsoft, security issues, Apple, Web browsers and general technology breaking news for Computerworld. Follow Gregg on Twitter at @gkeizer or subscribe to Gregg's RSS feed . His e-mail address is email@example.com.
Web giants attacked
- White House orders security review in wake of WikiLeaks disclosure
- Leaked U.S. document links China to Google attack
- Update: Researchers track cyber-espionage ring to China
- Google, China now playing cat and mouse?
- McAfee: 'Amateur' malware not used in Google attacks
- Military warns of 'increasingly active' cyber-threat from China
- China: Google 'totally wrong' to stop censoring
- Update: Google stops censoring in China
- Google's China ad partners wait in 'incomparable pain'
- Google may soon leave China, reports say
Read more about Cybercrime and Hacking in Computerworld's Cybercrime and Hacking Topic Center.
- Transforming Information Security: Future-Proofing Processes This report provides a valuable set of recommendations from 19 of the world'd leading security officers to help organizations build security strategies for...
- The Evolution of Corporate Cyberthreats Cybercriminals are creating and deploying new threats every day that are more destructive than ever before. While you may have more people devoted...
- 3 Questions to Ask Your DNS Host about Lowering DDoS Risks Neustar has had wide-ranging conversations with clients wanting to know how they can optimize protection as DDoS attacks increase in frequency and size.
- The Danger Deepens: 2014 Neustar Annual DDoS Attacks and Impact Report This report compares DDoS findings from 2013 to 2012, based on a survey of 440 North American companies, including 139 businesses delivering technology...
- Establish Cyber Resiliency: Developing a Continuous Response Architecture Many enterprises fail to proactively prepare the battlefield for a data breach by only leveraging outdated techniques that focus on the perimeter or...
- An Incident Response Playbook: From Monitoring to Operations As cyber-attacks grow more sophisticated, many organizations are investing more into incident detection and response capabilities. In this webcast, learn how to develop... All Cybercrime and Hacking White Papers | Webcasts