Juniper Networks Inc. (NYSE:JNPR) and Symantec Corp. (NASDAQ:SYMC) said Thursday that they were investigating a widespread cyber-espionage incident that has hit dozens of technology companies, including Google Inc. and Adobe Systems Inc.
Sources familiar with the situation say that 34 companies, most of them large Fortune 500 names, were hit by a sophisticated cyber-attack, first uncovered by Google last month. The attackers used a previously unknown “zero-day” attack on Internet Explorer, and possibly other techniques, to break into company networks and steal sensitive information.
The Washington Post reports that Yahoo Inc. (NASDAQ:YHOO), Dow Chemical Co. (NYSE:DOW) and aerospace firm Northrop Grumman Corp. (NYSE:NOC) were also attacked.
Juniper and Symantec both acknowledged that they were investigating incidents, but stopped short of saying they had been hacked or of providing any details.
“As the world’s largest security provider, we are the target of cyber-attacks on a regular basis. As we do with all threats, we are thoroughly investigating this one to ensure we are providing appropriate protection to our customers,” Symantec said in a statement.
“Juniper Networks recently became aware of, and is currently investigating, a cyber security incident involving a sophisticated and targeted attack against a number of companies,” a company spokeswoman said in an e-mail message. “We take these incidents seriously and as with any investigation of this nature, we do not disclose details.”
Although IT administrators have long cited China as the source of many cyber-attacks, it is extremely difficult to say whether this malicious traffic is actually originating in China or merely passing through. The fact that Google seems to think that China is behind the attacks — a strong enough conviction that it has threatened to stop doing business in China — is exceptional, however.
Google discovered a command and control server being used to send instructions to hacked machines, and was able to notify and identify other victims based on that information. According to Google the companies that were targeted include the Internet, finance, technology, media and chemical businesses.
The search engine company may suspect Chinese government sponsorship of the attacks, but the company’s chief legal counsel David Drummond told U.S. National Public Radio Thursday that the company doesn’t have definitive evidence that the Chinese government was involved.
Human rights groups, government agencies and defense contractors have been targeted by this type of attack in the past, but the fact that so many major international companies could be hit is a wake-up call to U.S. businesses.
“It shows that even the biggest and the most sophisticated companies will always come in second place when they’re matched with a big foreign intelligence service,” said James Lewis a director with the Center for Strategic and International Studies.
Huntsville, Ala.-based Northrop Grumman, whose products include the B2 bomber and F-14 fighter said it does not comment on specific attacks. “Northrop Grumman, like most industries and government organizations, is at risk of cyber attacks ranging from the most complex to the simple hacker,” a company spokeswoman said via e-mail.
Yahoo wouldn’t say whether it had been hit. Dow Chemical could not be reached immediately for comment.