The Intel Intrusion: When Is a Hack Just a Hack?
Feb 25, 2010 5:00 AM PT
At about the same time in January that Google reported its infrastructure had been hacked, someone broke into Intel's systems. However, unlike Google, which reported the attack publicly and ended up getting the federal government involved, Intel kept relatively quiet about its intrusion.
The only mention Intel made of the attack was in its SEC 10-K filing.
That's because the chipmaker didn't believe that anything was stolen, spokesperson Chuck Molloy told TechNewsWorld. It's not yet clear whether the attack is connected with the one on Google.
Intel's still looking into the hacking incident and says it has no evidence that anything was taken. "To the best of our knowledge at this point, we can't say that we have any specific knowledge that any intellectual property has been lost," Molloy pointed out.
The incident was not out of the ordinary, Molloy said "We see hacks all the time," he added. "We have a very accomplished team of security experts who try and make sure that we don't lose any intellectual property and that our systems are secure."
Because of the apparent routine nature of the attack, Intel didn't go public with the news but did disclose it in its SEC 10-K filing as a risk factor. Other risk factors in the filing include fluctuations in demand, the high percentage of costs in semiconductor firms' business outlays, and competition.
"Did we hide the fact that we'd been attacked? No," Molloy said. "Did we disclose it as a risk factor? Yes. It's the unfortunate reality in today's environment that companies are attacked on a regular basis."
Indeed they are; the Federal Trade Commission has issued a warning to about 100 companies that their files may have been compromised through sharing on P2P networks, for example.
In fact, 75 percent of all enterprises were hit by hackers in the past 12 months, according to security research firm Symantec, and 41 percent of them said the attacks were effective to some extent. The information, revealed in Symantec's 2010 State of Enterprise Security Report, was gleaned from interviews with 2,100 enterprises worldwide.
Did Aurora's Light Shine on Intel?
Whether or not the hack was related to the one that hit Google has not yet been established. "We didn't say at the time that it was the same hack as Google," Molloy said. However, he wouldn't rule out that possibility.
The attack on Google also targeted at least 20 other large U.S. companies doing business in China. McAfee has named the attack "Operation Aurora" and described it as being highly sophisticated. There's been much speculation about the authors of the attack, which exploited a zero-day flaw in the Internet Explorer browser. Suspects range from hackers in China and Taiwan to students at two Chinese educational institutions to. Lately, a freelance security consultant in China has come under scrutiny.
As a result of the attack, Microsoft was forced to patch the IE flaw, and France and Germany suggested their citizens discontinue use of IE, at least temporarily. Google then reportedly brought in the National Security Agency to investigate the attack, sparking privacy concerns. The hack has also led to a war of words between the government of China and some high-ranking members of the U.S. government.
Targeted attacks against corporations and government sites are fairly frequent. One recent series of attacks, the work of the Kneber botnet, extensively compromised commercial and government systems.
Currently, the Senate is holding hearings on the U.S. Cybersecurity Amendment Act of 2009, which seeks to establish research into cyberattacks and how to implement cybersecurity education programs, among other things. The act, H.R. 4061, was overwhelmingly passed by the House of Representatives earlier this month.