Intel confirms 'sophisticated' attacks in January
Denies link to Google-China hacks, which used IE6 zero-day to breach networks and steal info
Computerworld - Intel Corp. was targeted by "sophisticated" attacks last month, at about the same time that Google Inc. reported that its network had been breached, allegedly by Chinese hackers.
"We regularly face attempts by others to gain unauthorized access through the Internet to our information technology systems by, for example, masquerading as authorized users or surreptitious introduction of software," read the 10-K filing. "These attempts, which might be the result of industrial or other espionage, or actions by hackers seeking to harm the company, its products, or end users, are sometimes successful. One recent and sophisticated incident occurred in January 2010 around the same time as the recently publicized security incident reported by Google."
Intel did not reveal whether the attacks resulted in intruders accessing or stealing confidential company information. "We treat that information as highly confidential, just as we do about how we handle our defenses," said Intel spokesman Chuck Mulloy today. For its part, Google acknowledged that hackers had stolen data when it broke the news that it and other major Western corporations had been struck with what it called "highly sophisticated and targeted" attacks.
Mulloy denied there was any connection between the attacks against Google and those on his own company. "The timing was coincidental," he said today, claiming that the attempt was added to the 10-K filing to alert investors of a risk to Intel. "This isn't a reflection of any marked increase" in attacks, he said, adding that Intel is regularly targeted by hackers.
Only a few companies have joined Google in admitting that they were hit with attacks that relied on an exploit of a then-unpatched vulnerability in Microsoft Corp.'s Internet Explorer 6. Adobe Systems Inc. was one corporation that stepped forward, while Juniper Networks Inc. and Symantec Corp. said they were investigating suspicious activity on their networks. News accounts at the time reported that Yahoo, Dow Chemical and Northrop Grumman were also attacked.
Although Google has maintained that around 30 companies were hit by Chinese hackers, other researchers have said that their investigations have uncovered a much larger number of victims.
Gregg Keizer covers Microsoft, security issues, Apple, Web browsers and general technology breaking news for Computerworld. Follow Gregg on Twitter at @gkeizer or subscribe to Gregg's RSS feed . His e-mail address is email@example.com.
Web giants attacked
- White House orders security review in wake of WikiLeaks disclosure
- Leaked U.S. document links China to Google attack
- Update: Researchers track cyber-espionage ring to China
- Google, China now playing cat and mouse?
- McAfee: 'Amateur' malware not used in Google attacks
- Military warns of 'increasingly active' cyber-threat from China
- China: Google 'totally wrong' to stop censoring
- Update: Google stops censoring in China
- Google's China ad partners wait in 'incomparable pain'
- Google may soon leave China, reports say
Read more about Cybercrime and Hacking in Computerworld's Cybercrime and Hacking Topic Center.
- Comprehensive Advanced Threat Defense The hot topic in the information security industry these days is "Advanced Threat Defense" (ATD). This paper describes a comprehensive, network-based approach to...
- Advanced Threat Defense: A Comprehensive Approach In this interview, Peter George, president, General Dynamics Fidelis Cybersecurity Solutions, explains why we need more than anti-malware, and what constitutes a comprehensive...
- 2013 Cyber Risk Report The "Cyber risk report 2013 Executive summary" presents the major findings of HP Security Research's comprehensive dive into today's cyber vulnerability and threat...
- Cybersecurity for Dummies eBook This book provides an in-depth examination of real-world attacks and APTs, the shortcomings of legacy security solutions, the capabilities of next-generation firewalls, and...
- Live Webcast Security Vulnerabilities Associated With Having Local Administrator Privileges Viewfinity will demonstrate how removing admin rights and granularly managing privileges at the application level reduces the attack surface.
- Security Vulnerabilities Associated With Having Local Administrator Privileges Viewfinity will demonstrate how removing admin rights and granularly managing privileges at the application level reduces the attack surface.
- What should I look for in a Next Generation Firewall? SANS Provides Guidance With so many vendors claiming to have a Next Generation Firewall (NGFW), it can be difficult to tell what makes each one different.... All Cybercrime and Hacking White Papers | Webcasts