“Aurora” Cyber Attack Infiltrated Google & More
Labeled operation “Aurora”, security experts worked diligently to discover the tactics involved in the cyber attack announced by Google on Tuesday. Experts joined forces to investigate and analyze pieces of the malicious code that were identified as the culprits in the attack and have confirmed the cyber attempts to infiltrate targeted companies.
McAfee Security announced on Thursday that the security company had identified one of the malware culprits that were used in the cyber assault. The malicious perpetrator takes advantage of a previously unknown vulnerability in Microsoft Internet Explorer. The infiltration appears to have occurred when the malware was sent to targeted individuals -seemingly from a trusted source with the malicious code attached.
Aurora is the apparent name the attacker(s) gave this operation. For the infiltration to take place, the targeted individual would have had to click a link or open a file releasing the code to exploit the vulnerability in Internet Explorer. Once installed, the malware uses a back door to gain complete control over the compromised machine.
McAfee revealed that all versions of MS Internet Explorer were vulnerable. Operation Aurora’s apparent focus was Internet Explorer 6.
Microsoft was notified and issued a security advisory that identified the Internet Explorer susceptibility as a Remote Code Execution (RCE) vulnerability. Joining forces against this alarming cyber assault, Microsoft stated, “we are cooperating with Google and other companies, as well as authorities and other industry partners.” The software giant provided the following recommendations:
- Enable Data Execution Prevention (DEP) which helps mitigate online attacks. Note: Internet Explorer 8 had DEP enabled by default; however, previous versions need to have it enabled.
- Set Internet and Local intranet security zone settings to “High” to prompt before running ActiveX Controls and Active Scripting in these zones or configure Internet Explorer to prompt before running Active Scripting or to disable Active Scripting in the Internet and Local intranet security zone.
- Enable a firewall
- Get software updates
- Install antivirus software
The news of the attacks by Operation Aurora brings significant awareness about the severity of cyber threats and how they impact the security of our world. The joint forces of Google, Microsoft, security companies like McAfee and others have collaborated in this most alarming cyber attack focusing the spotlight on the ever changing cyber landscape and the importance of constant security investigations and evolvement.
Tags: Operation Aurora