OPERATION

By 

Abstract

Cyber espionage is a critical issue. Over 80% of intellectual property is stored online digitally. The computing infrastructure in a typical enterprise is more vulnerable to attack than ever before. Current security solutions are proving ineffective at stopping cyber espionage. Malware is the single greatest problem in computer security today. Yet malware represents only the tip of the spear. The true threat is the human being who is operating the malware. This human, and the organization they represent, is the true threat, targeting information for the purposes of financial gain, theft of state secrets, and theft of intellectual property. True threat intelligence requires reaching beyond malware infections to identify the individuals, country of origin, and intent of the attacker.

HB GARY THREAT REPORT: OPERATION AURORA

THREAT SUMMARY

The Aurora malware operation was identified recently and made public by Google and McAfee. This malware operation has been associated with intellectual property theft, including source code and technical diagrams (CAD, oil exploration bid-data, etc.). Companies publicly speculated to have been hit include Google, Adobe, Yahoo, Symantec, Juniper Networks, Rackspace, Northrop Grumman, and Dow Chemical. The malware package used with Aurora is mature and has been in development since at least 2006. The Aurora operation is characterized by a remotely operated backdoor program that persists on a Windows computer. This backdoor program has several capabilities that are outlined below

Year: 2010
OAI identifier: oai:CiteSeerX.psu:10.1.1.173.7657
Provided by: CiteSeerX
Sorry, we are unable to provide the full text but you may find it at the following location(s):
  • http://citeseerx.ist.psu.edu/v... (external link)
  • http://www.hbgary.com/wp-conte... (external link)