This is considered one of the largest sophisticated cyber attacks ever. Over 75,000 computers in 2,500 companies around the world have been attacked. The attack is believed to have started as early as 2008.
The hack targeted credit-card transaction details, emails, corporate data and other information at companies in the health care and information technology industries. Even computer networks at Google were not spared in this attack. Companies in 196 countries were hacked during the past year. The criminal groups involved in this attack are now targeting countries like China and Russia.
Amit Yoran, Chief Executive at NetWitness, states, “The traditional security approaches of intrusion-detection systems and anti-virus software are by definition inadequate for these types of sophisticated threats.” He also added, “The things that we ‘industry’ have been doing for the past 20 years are ineffective with attacks like this. That’s the story.”
The hackers lured employees at targeted firms into downloading infected software from sites that the same hackers controlled. Once downloaded, the software took control of the entire computer system and scraped login credentials, online banking information, social network login details and other sensitive information. The hackers were also able to get in through infected email attachments.
Yoran said, “Because they’re using multiple bots and very sophisticated command and control methods, once they’re in the system, even if you whack the command and control servers, it’s difficult to rid them of the ability to control the users’ computers.”
The downloaded malware could retrieve any information the hackers wanted from an infected computer system. The affected computers were mostly in the United States, Egypt, Turkey, Mexico and Saudi Arabia.