Morgan Stanley's computer networks were infiltrated in 2009 by the same China-based hackers who were behind Operation Aurora against Google, according to HBGary Federal e-mails leaked by Anonymous.
The same Chinese hackers who attacked Google appear to have also gone after
Morgan Stanley around the same time, according to leaked e-mails from security
firm HBGary Federal.
Morgan Stanley had a "sensitive breach" in which hackers attacked
its network for six months, beginning in June 2009, according to e-mails from
Phil Wallisch, a senior security engineer at HBGary Federal. Wallisch said
Morgan Stanley had identified the attackers as the same hackers who had hit
Google and several other major American companies as part of Operation Aurora.
"They were hit hard by the real Aurora
attacks," he wrote.
Operation Aurora was a series of
high-profile online attacks from China
targeting top United States
companies that began in June 2009 and lasted for several months.
George
Kurtz, chief technology officer for McAfee, had called Operation Aurora the
"largest and most sophisticated cyber-attack we have seen in years."
Morgan Stanley had given Wallisch access to an internal report investigating
the "sensitive breach," according to an e-mail he wrote to HBGary President
Penny Leavy-Hoglund in May. The e-mails indicate that Morgan Stanley considered
details of the intrusion a closely guarded secret, according to
a
Bloomberg article.
Wallisch never mentioned in any of his e-mails what, if anything, had been
stolen during the data breach, according to Bloomberg. There's also no mention
of which databases or systems had been targeted.
Morgan Stanley declined to comment on the e-mails or to confirm that it had
been hit by the Aurora hackers.
"Morgan Stanley invests significantly in IT security and manages a robust
program to deal with malware and attempted computer compromises," said a
spokesperson.
Initially, the number of companies that had been attacked were estimated at
20 or 30, but now the estimates run as high as 200 companies, Christopher Day,
senior vice president for Terremark Worldwide, told Bloomberg. Very few
companies have publicly acknowledged being compromised during the attack.
Google, Adobe Systems, Juniper Networks and Yahoo are some of the publicly
known victims.
Google announced
Jan.
12, 2010, the "highly sophisticated and targeted attack" by
hackers using China-based servers. The company made the announcement as hackers
were winding down their operation.
The intruders had exploited various security vulnerabilities in
Internet
Explorer that had previously been known only to Microsoft, according to
security experts who had analyzed the Aurora
attacks.
The attack was partly aimed at the Gmail accounts of Chinese human rights
activists, the company had said at the time. A senior member of China's
government at the "Politburo Standing Committee level" organized the
Google attack, according to leaked diplomatic cables that had been revealed by
WikiLeaks
earlier this year.
Morgan Stanley was the first financial institution targeted in Operation
Aurora, according to the leaked e-mails.
The e-mails were part of the more than 70,000 messages hacktivist group
Anonymous had stolen and posted in a searchable format on anonleaks.ch as a
result of its attack on HBGary and its HBGary Federal subsidiary in early
February. Anonymous had organized the attack in retaliation to comments made by
Aaron Barr, the former CEO of HBGary
Federal, in which he bragged to the Financial Times about having uncovered the
identities of several Anonymous leaders who had coordinated the distributed
denial of service attacks on PayPal, Visa and MasterCard for severing ties with
WikiLeaks.
Email
Print
