Cyber espionage is a critical issue. Over 80% of intellectual property is stored online digitally. The computing infrastructure in a typical enterprise is more vulnerable to attack than ever before. Current security solutions are proving ineffective at stopping cyber espionage.

Malware is the single greatest problem in computer security today. Yet malware represents only the tip of the spear. The true threat is the human being who is operating the malware. This human, and the organization that person represents, is the true threat, targeting information for the purposes of financial gain, theft of state secrets, and theft of intellectual property. True threat intelligence requires reaching beyond malware infections to identify the individuals, country of origin, and intent of the attacker.

HB GARY THREAT REPORT: OPERATION AURORA

THREAT SUMMARY

The Aurora malware operation was identified recently and made public by Google and McAfee. This malware operation has been associated with intellectual property theft, including source code and technical diagrams (CAD, oil exploration bid-data, etc.). Companies publicly speculated to have been hit include Google, Adobe, Yahoo, Symantec, Juniper Networks, Rackspace, Northrop Grumman, and Dow Chemical.

The malware package used with Aurora is mature and has been in development since at least 2006. The Aurora operation is characterized by a remotely operated backdoor program that persists on a Windows computer. This backdoor program has several capabilities that are outlined below.