Repurcussions from the breach of Google mail accounts have been far-reaching. Not only has Google gone public with threats to withdraw from the Chinese market if it's not allowed to offer an uncensored service, but millions of Internet Explorer users are worried about their own systems since it was revealed an Explorer flaw made the attacks possible.
Security company McAfee says Google was just one of a growing list of organisations that have been hit with similar breaches, which target intellectual property.
“This is the largest and most sophisticated cyberattack we have seen in years targeted at specific corporations,” says McAfee worldwide chief technology officer George Kurtz. “It is a watershed moment in cybersecurity because of the targeted and coordinated nature of the attack. As a result, the world has changed; organizations globally will have to change their threat models to account for this new class of highly sophisticated attack that goes after high value intellectual property.”
As part of the fallout of the attack, Windows users face a real and present danger due to the public disclosure of a serious vulnerability in Internet Explorer. And now the risk has been compounded because the attack code that exploits this Internet Explorer vulnerability has now been posted in the public domain, increasing the possibility of widespread attacks.
More than 30 organisations have reportedly been targeted by the same attack that hit Google and the list of victims continues to grow.
McAfee advises companies to follow these three steps to determine if they were impacted by the attack, which occurred over the December holidays and into early January:
* Verify that you are using the latest threat definition files and perform a full scan on all machines within your enterprise;
* Inspect network traffic history for communication with external systems associated with the attack; and
* Examine computers for specific files or file attributes related to the attack.
In the aftermath of the news, there have been calls for Internet Explorer users to ditch the browser, although Microsoft believes only older versions are vulnerable.