Computer Internet SecurityFrom the attacks on Google that originated in China to the Stuxnet worm that experts say was written to sabotage Iran’s nuclear program, 2010 was notable for international intrigue in the security world.
The year started out with a bang as Google announced in mid-January that its corporate network had been attacked by someone in China and intellectual property was heisted. The “highly sophisticated and targeted attack,” which was mirrored at about 30 other companies, exploited a hole in Internet Explorer. Separately, attackers tried to get into Gmail accounts of human rights activists and managed to access other accounts, probably via phishing. China denied any involvement in the attacks.
China was also at the center of some odd Internet happenings a few months later. In March, network operation centers around the world started noticing that traffic to Facebook, Twitter, YouTube, and a host of other sites was being redirected to servers in China. One of the main DNS (domain name system) root servers was effectively sending Web surfers behind the Great Firewall of China, a strictly controlled network of servers and routers the People’s Republic of China uses to filter the Internet and block its citizens from accessing content deemed politically sensitive.
Then, in April, something similar happened. In this case, Internet traffic was diverted through networks in China for about 17 minutes. This would have enabled operators of those servers in China to read, delete, or edit unencrypted e-mail and other communications passing through those servers during that time. China again denied any malfeasance in these cases, saying they were accidents.
This year also brought the first reported case of malware written specifically to target critical infrastructure and industrial control systems. Stuxnet showed up in June, spreading through Windows systems via a handful of holes in Windows. The worm drops its payload when it discovers a particular Siemens software. At first, security experts didn’t know what the payload was. Symantec eventually figured out that Stuxnet uploads encrypted code to Programmable Logic Controllers used to control processes inside power, manufacturing, and other plants.
Later analysis, also by Symantec, uncovered another key to the mysterious malware. The malware specifically targets systems with a frequency converter that controls the speed of a motor like those used for uranium enrichment. The speculation that Iran’s nuclear program was the intended target was bolstered when Iranian President Mahmoud Ahmadinejad accused enemies of the country of causing problems for some centrifuges with computer code. It’s unclear who is behind the multi-faceted, extremely complex malware.
The summer brought intrigue of a more domestic sort when a controversial hacker group exposed a security flaw in an AT&T Web site that was exploited to reveal thousands of e-mail addresses of iPad users. AT&T issued an apology for the security incident, but still placed the blame on the hackers.
In the course of investigating the hackers, federal agents discovered drugs in the home of the leader, Andrew Auernheimer, and arrested him. Other members of the group have been called in for questioning by a federal grand jury, but so far no charges have been filed.
Share This Using Popular Bookmarking Services