It has been discovered that several major companies have been hacked by a command and control server. The list of companies includes nearly 20 percent of the Fortune 100 and other massive corporations, according to CNN´s Money website.
A command and control server is a computer that hackers use to direct the fleets of compromised PC´s that they have gained control over. After a period of time the infected PC´s communicate with the command and control server giving away access to secrets.
The attack was originally disclosed by the security company RSA in March after they discovered their network was breached. This attack received worldwide attention and highlights the challenges that are faced in detecting and blocking these cyber attacks. The companies that were attacked cover a wide range of fields from telecommunications companies to financial investment houses. The attacks appear to have started during November 2010, according to Krebson Security.
Some of the companies, though, may not have been directly attacked. For instance Google and Amazon are listed as victims, but they may have been compromised by insecure computers connected to their internet Domain Name Services, that helps people surf the web.
Other technology giants that were compromised include companies such as Intel, IBM, Facebook and Microsoft. The list of companies was discovered on the command and control server itself. Other companies, such as McAfee and other anti-virus and computer security companies, probably compromised their own computers in order to reverse engineer the malware used in these attacks.
Krebson Security notes that out of the 338 documented command and control attacks, 299 are located in or around Beijing, China while the next largest source of attacks is South Korea with a total of 16 attacks.
—
On the Net:
Comments