Source Code Repositories Targeted In Operation Aurora

Wednesday, March 3, 2010 at 6:09pm by George Kurtz

Operation Aurora continues to be a hot topic inside and outside of security circles. At this week’s RSA Conference in San Francisco, many conversations are about the attacks that hit Google and dozens of other companies in January.

During a talk this afternoon, Stuart McClure and I discussed how the attackers in Operation Aurora went after the crown jewels of the targeted companies: their intellectual property. We also disclosed some additional findings from the McAfee investigation into the attacks.

Specifically, we have concluded that, in several cases, the attackers executed precision strikes to gain access to source code configuration management systems (SCMs) at targeted companies. SCMs are used by software engineers to manage their projects and are used to store source code, the crown jewels of any tech company.

In our analysis of the attacks, we found that the perpetrators jumped through several hoops to ultimately compromise the systems of the SCM users at the targeted organizations. This means that the attackers now had access to the SCM system and could siphon out source code or, worse, modify and add code.

As we continued our investigation, we realized that SCM installations often aren’t properly secured. Many organizations have tight security around financial systems and other mission-critical systems, but leave their intellectual property repositories broadly accessible. The company might have strong perimeter security, but once you’re in, the SCM is readily available.

The SCM implementations were inherently insecure. McAfee researched Perforce, a common SCM system we found in many of the Operation Aurora attacks, to determine exactly how these attacks were targeting people with privileged access to intellectual property, including source code.

In the wake of Operation Aurora we published a white paper today that explores how SCM should be secured. We took a hard look at Perforce first and will look at other applications in the near future.

The main point: intellectual property is valuable, perhaps even more valuable than money, so it should be properly secured. If organizations today secured their financial assets as they secure their source code, they’d be broke.

You can follow George Kurtz on Twitter.


Comments (2)

  • coder September 14, 2010 5:08PM

    Thanks for the source code article, very helpful! :-)

  • bkosh March 5, 2010 12:11PM

    Verdasys is doing a lot of work in this area – see Bob Evans column this week over at Information Week:
    http://www.informationweek.com/news/global-cio/security/showArticle.jhtml?articleID=223101636