Cyberattacks reaching new heights of sophistication.

Author: Magnusow, Stew
Position: INFORMATION TECHNOLOGY

PLANO, Texas -- In January 2010, security experts discovered that the crown jewels of U.S. information technology computer codes may have been stolen in a highly sophisticated case of cyberespionage. In April, China hijacked an uncountable amount of Internet data.

In August, the Stuxnet virus shocked the same experts. The malware that infected Siemens operating systems was orders of magnitude beyond anything they had seen in terms of sophistication.

The year 2010 may prove to be a watershed for cyber-security. The three incidents (the Aurora operation, the hijacking of data and the Stuxnet virus) were all stunning new developments, said Dmitri Alperovitch, vice president of threat research at McAfee, the world's largest dedicated Internet security firm.

"Most of the days we feel like we really don't have a chance," he told National Defense. "The threats are escalating at a pretty significant pace, defenses are not keeping up, and most days attackers are succeeding quite spectacularly."

The year that may go down in infamy in Internet security circles began when the Aurora attack was discovered in January. The operation came to light when a student in California involved in human rights in China realized that someone was inside her Google G-mail account. That revealed a much larger operation that had targeted about two dozen U.S. information technology companies.

Using a "social networking," or a spearphishing, operation, hackers sent emails to top officials at U.S. companies with high levels of access to their company's computer systems. The emails appeared to come from close friends or colleagues, and would ask the targeted person to link to some pictures. The link would go to a blank screen, but by the time they were there, malware taking advantage of a zero-day vulnerability had already been installed.

A "zero-day vulnerability" is an undiscovered security flaw in software. Cyber-criminals and spies pay large amounts of money to hackers who have ferreted out these flaws. Hundreds of thousands of dollars can change hands in the black market, Alperovitch explained.

Within seconds of the Aurora malware being installed, hackers were standing by and ready to exfiltrate data, he said.

"They had people at the keyboard ready to jump on the moment the computers beaconed out and said they were infected," Alperovitch said.

"The most interesting thing is that they went after intellectual property such as source codes," he added. They used the first computer to establish a beachhead in a company, and spread the malware from there. The operation set up backdoors in software programs that could be exploited later. The campaign was first launched in late 2009. The malware had...
