February 18, Washington Post – (International) More than 75,000 computer systems hacked in one of largest cyber attacks, security firm says. More than 75,000 computer systems at nearly 2,500 companies in the United States and around the world have been hacked in what appears to be one of the largest and most sophisticated attacks by cyber criminals discovered to date, according to a northern Virginia security firm. The attack, which began in late 2008 and was discovered last month, targeted proprietary corporate data, e-mails, credit-card transaction data and login credentials at companies in the health and technology industries in 196 countries, according to Herndon-based NetWitness. This latest attack does not appear to be linked to the Google intrusion, said NetWitness’s chief executive. But it is significant, he said, in its scale and in its apparent demonstration that the criminal groups’ sophistication in cyberattacks is approaching that of nation states such as China and Russia. The attack also highlights the inability of the private sector - including industries that would be expected to employ the most sophisticated cyber defenses - to protect itself. The intrusion, first reported on the Wall Street Journal’s Web site, was detected January 26 by a NetWitness engineer. He discovered the intrusion, dubbed the Kneber bot, being run by a ring based in Eastern Europe operating through at least 20 command and control servers worldwide. The hackers lured unsuspecting employees at targeted firms to download infected software from sites controlled by the hackers, or baited them into opening e-mails containing the infected attachments, the chief executive said. The malicious software, or “bots,” enabled the attackers to commandeer users’ computers, scrape them for log-in credentials and passwords - including to online banking and social networking sites - and then exploit that data to hack into the systems of other users, the chief executive said. The number of penetrated systems grew exponentially, he said. Source:
http://www.washingtonpost.com/wpdyn/%20content/article/2010/02/17/AR2010021705816.htmlWonder how we find out who the companies were?
