Emails unearthed by the HBGary hack reveal that Chinese hackers compromised the networks of chemical company DuPont and more than a dozen other high-profile Western firms in late 2009 as part of a wide-scale hack since dubbed “Operation Aurora.”

The revelations, gleaned from leaked e-mail, expand what is known about the mysterious “Operation Aurora” attack that first came to light after search giant Google publicly disclosed that it had been intruded upon in January 2010. Firms like Adobe, Juniper Networks, defense contractor Northrop Grumman and Dow Chemical were initially listed among the victims of the attack. Further dives into HBGary’s e-mail trove suggest that DuPont and others, including Walt Disney Co., Sony Corp., Johnson & Johnson, and General Electric Co., were also attacked, but decided not to disclose the intrusion.

According to the Bloomberg report, FBI investigators told DuPont executives in December 2010 of the intrusion, as well as of another, similar intrusion carried out twelve months later by the same parties behind the Aurora attack. This followed an internal investigation in which DuPont discovered that a number of its computers had been implanted with spyware during a business trip to China while the computers were being stored in a hotel safe.

The incident and DuPont’s decision not to publicly announce it are detailed in roughly 60,000 pilfered emails exchanged between DuPont and HBGary, which was hired by many of the affected companies to help manage the intrusions and their aftermath.

“The companies don’t want to disclose it,” Rhode Island Democratic Senator and former chairman of the U.S. Senate Select Committee on Intelligence task force on U.S. cyber security Sheldon Whitehouse (D-RI) told Bloomberg. “They want to just basically eat the harm that was done to them and pretend that all is well.”

Whitehouse claims the secrecy measures are the reason why investors and regulators “under appreciate” these intrusions and the dangers they represent.

Fears that disclosure would lead to questions from regulators and investors about what was stolen are one reason that firms often choose to keep mum, according to the Bloomberg report.

Diplomatic cables released by Wikileaks suggest that the U.S. State Department and intelligence agencies are confident that the Aurora attacks were sanctioned by China’s government. However, China’s embassy spokesperson in D.C. remains steadfast that the country is the target of “unwarranted blame” in the Aurora attacks.
