InBoxRevenge KS Forum

The targeted attacks that hit Google, Adobe, and other U.S. organizations are still ongoing and have affected many more companies than the original 20 to 30 or so reported by Google and others.

Security experts who have worked on forensics investigations and cleanup of the victim organizations from the attacks that originated out of China say they are also getting closer to identifying the author or authors of the malware used to breach Google and others.

Hoglund says HBGary was able to identify "markers" specific to the way the Aurora developer wrote the malware. But he says his firm did not include this in its new report. "This is not in the report because we don't want him to know what we know about his coding," he says. "[It] is algorithmic in nature."

Called the Aurora Inoculation Shot, this utility will remotely scan Windows machines over the network for signs of Aurora and can remove the malicious software as well. It uses the Windows Management Instrumentation services to carry out the inoculation.

Although Aurora has been linked to attacks on just 34 companies, the software has captured the attention of corporate executives, because some believe that is connected to a widespread industrial espionage campaign originating from China.

A series of online attacks on Google and dozens of other American corporations have been traced to computers at two educational institutions in China, including one with close ties to the Chinese military, say people involved in the investigation.

Evidence acquired by a United States military contractor that faced the same attacks as Google has even led investigators to suspect a link to a specific computer science class, taught by a Ukrainian professor at the vocational school.

The two schools whose servers were used are Shanghai Jiaotong University, a prestigious institution in China akin to Caltech, and Lanxiang Vocational School, both of which have links to the top ranks of information security specialists in China, said one of the sources. Neither source was authorized to speak on the record. The connection to the schools was first reported Thursday night on the New York Times Web site.

I have some friends from China who find the idea of actually paying for music or movie downloads amusing

I think this attitude is pervasive in many countries unfortunately.