SAN FRANCISCO--The type of software corporations use to house source code that criminals targeted in the recent attacks on Google and others is generally weak in security protection, McAfee researchers said on Wednesday.
McAfee analyzed a commonly used software for housing intellectual property called Perforce and released its findings during a session at the RSA security conference here. The company helped in the discovery that a hole in Internet Explorer 6 was exploited in at least some of the recent attacks on U.S. firms and named the attacks "Operation Aurora" after the malware used.
Now the security company is turning its attention to looking at what attackers would be capable of doing once they are inside an organization.
When Google disclosed the targeted attack on its network in mid-January, it said intellectual property was stolen. Gmail users who are human rights activists were also targeted in attacks and Google said the attacks appeared to originate in China and that it would stop censoring its Web results there and possibly exit the market entirely.
Meanwhile, sources said at least 30 other companies were targeted in attacks in which intellectual property was at risk. Adobe and Intel have publicly disclosed that they were targeted in attacks last year, although it is unclear whether they are part of the attacks that targeted Google.
Stuart McClure, general manager risk compliance at McAfee, said he could not say whether Perforce was used at the companies McAfee knows were attacked.
News 4 months ago
