Google Aurora Attackers Behind Internet Explorer Zero-Day Attacks

By Robert Westervelt
January 04, 2013 10:36 AM ET

Page 1 of 2

Ongoing attacks targeting an Internet Explorer zero-day vulnerability have been linked to a cybercrime gang responsible for the Google Aurora attacks in 2009.

Researchers at Symantec said it found similarities in the techniques and files used in the latest round of attacks to those used by the Elderwood group, responsible for highly targeted campaigns over the last several years.

The group, believed to be based in China, has targeted U.S. defense contractors and their partners in the supply chain, including manufacturers of mechanical components. It uses spear phishing to lure specific employees to a malicious site to infect their system. Once the system is infected, the Elderwood attackers remotely gain control, using it as a stepping stone to more sensitive corporate data.

"They are responsible for compromising numerous websites, corporations and individuals over the past three years," Symantec said in a report it issued on the Elderwood group earlier this year. "This group is focused on wholesale theft of intellectual property and clearly has the resources, in terms of manpower, funding and technical skills, required to implement this task."

Intellectual property theft has been a rising concern voiced by government officials and prominent security experts who believe that successful attacks are not likely being publicly reported by companies. Well-funded, sophisticated attackers can infiltrate corporate systems and remain stealthy for months and even years. Former White House Cybersecurity Coordinator Howard Schmidt called it a serious national security concern. The Securities and Exchange Commission attempted to increase transparency of the issue in 2011 when it issued a new rule making public companies disclose a data breach or potential breach when it may have an increased risk or financial impact on corporate earnings.

"We believe that there's a tremendous amount of corporate cybercrime and espionage going on that most of the industry doesn't know about," said George Tubin, a senior security strategist at Boston-based security firm Trusteer. "Once your intellectual property is gone in electronic form, it's gone forever."

NEXT: Latest attacks target a number of firms

1 | 2 | Next >>

To continue reading this article, please download the free CRN Tech News app for your iPad or Windows 8 device.

Related: Videos | Slide Shows | Comments

SHARE THIS ARTICLE

More Security

Comments by Vanilla

Recent Articles

	Tech 10: Hot Antivirus Alternatives For 2013 CRN identifies 10 vendors that have developed innovative ways to detect malware and analyze threats to better protect corporate networks. They take a giant step beyond traditional signature technologies.
	10 Emerging Security Technologies Gaining Interest, Adoption Despite some security defenses being only in their infancy, they are attracting interest for addressing BYOD issues, cloud security concerns and stolen account credentials. Here's a look at some of the top new security areas gaining industry interest.
	5 Government Intelligence Facilities You've Never Heard Of One facility has been around since the dawn of space exploration, while other buildings are still in construction. But, they all have serious data analysis and surveillance support activities associated with them.
	More Slide Shows