Cyber security is one factor that many organizations, as well as individuals around the world, have to deal with almost on a regular basis. Many of cyber criminal activities usually target large corporations or prominent people in different industries. Similarly, cyber criminals usually have a clear motive and are driven by various factors. Different if not all high profile cyber threats are often well planned and thoroughly executed with the primary aim of achieving their goals. Research also shows that they often have well-played tactics for carrying out their criminal activities. On the same note, further studies reveal that most cyber criminals also conduct research on their intended targets to master their methods of operations with the aim of hitting the right target. These malicious people are focused, calculative and use advanced technology to attack their objectives. Therefore, this work researches on the Operation Aurora attack and explains how the threat took place.
Operation Aurora is the name given to the cyber-attack that affected at least thirty large organizations in America. Some of the companies impacted by this cyber-attack included Google, Internet Explorer, Adobe, and Microsoft Corporation (Shwatz, 2013). The cyber-attack in these big companies was associated with three advanced persistent threats. The first one was the need to define their target. The existing report on this case reveals that the cyber criminals knew the exact companies to attack. They also had a motive and knew how to maneuver about their information systems or databases to get what they wanted. Further studies indicate that the criminals did not just attack any random firms. However, they had defined targets and knew the exact organizations to focus on.
Delegate your assignment to our experts and they will do the rest.
The second advanced persistent attack evident in the Operations Aurora is that of covering tracks and remaining undetected. The existing data reveals that the attackers from China used sophisticated zero-day vulnerability techniques to affect functions and operations within their target firms. On the same note, they used powerful malware that made them anonymous and undetected for a long time. Studies reveal that it took the company some hours to detect that a malicious person had accessed their information illegally (TechTarget, 2016). Many if not all the affected firms noticed the security breach as soon as it happened. This happened because the hackers used powerful malware to cover their tracks and obtain information without being seen immediately.
Another advanced persistent threat notable in the Aurora attack was that of deployment. Once the attackers decided on the range of firms to attack and the type of information to steal, they choose to deploy the strategy. It is clear that they used various means to implement their strategy and achieve their goals. For example, they used different techniques such as malware and zero-day vulnerability to access organizational files. Research shows that they could have obtained access to a password from one user and used it to feed the malware in one laptop or computer and spread the malware to a series of other networked computers in an organization (Varma & McAfeeLabs, 2013).
The first technique that the Aurora operation attackers used was malware. Research reveals that malware is illegal software designed by cyber criminals to obtain information illegally from the owner’s information system. Once they have it, they send it to one or two target computers of the company whose information they want to steal. The malware works by gaining access to the computer in which the information is stored. Once there, it aids the criminals in accessing information without the nations. The malware is capable of overriding passwords and other firewalls used to protect organizationally and personal data. It then sends the information and copies it back to the hacker or attacker without the leaders and employees in the company realizing. Malware can work for a long time before it is detected and a security or data breach is reported.
The other method used by the cyber criminals is the zero-day vulnerability approach, a technique that is very sophisticated and is used by talented people. A zero-day vulnerability is a method that allows cyber criminals to take over the entire computer systems within an organization. In so doing, they aim to jeopardize the operations of the firms. The technique also makes it possible for the attackers to make configuration changes in the attacked systems, install different applications, and operate without any restrictions. In short, they had full control over the firm's firewalls could do anything and have access to all sorts of information stored in their information systems and online databases. The zero-day vulnerability makes the target more vulnerable to cyber-attacks and makes sure that attackers have more ease of access to organizational and personal information.
When the attack occurred on December 11 of the year 2009, the affected firms suffered various harm associated with the cyber security threat. The first harm was that the attackers were able to get access to sensitive court-ordered documents that had information about the human rights activists from China. The attackers also gained access to various high profile accounts of people whose names were not supposed to be known to the public. They aimed to make the identities of the prominent people public for their malicious reasons. On the same not, the attackers also hampered the operations in most of the organizations.
The cyber-criminal theft on companies such as Gogol leads to the stealing of intellectual properties from the firm. The ability to steal intellectual property also meant that the thieves were in possessions of critical information that impact of the firm's progress. Similarly, the use of malicious programs such as malware also made it hard for the leaders in the company to detect any security breach immediately. Therefore, the attack also led to a hindrance in the daily organizational operations. It also resulted in financial losses in the firms because they had to incur a lot of money to investigate the occurrence. The fact that the attackers installed new software in the information system also leads to adaptability issues.
For example, the employees could have been forced to change their browsers and use new ones, which they were not used to. The employees of the firm could have been obliged to use other methods of data access that they were not used to. Similarly, the ability to steal intellectual property and cause data breaches in the organizations also led to a major setback in these firms because they had to come up with new methods of protecting their information from malicious people. The aftermath results in a reduction in the number of clients because some clients are usually quick to judge cyber threats due to a useful understanding of how the people operate.
What happened as the result of the attack is that the firm lost intellectual properties. Some of them had their high profile client accounts hacked into and so had to come up with immediate measures of avoiding further attacks by changing their browsers and tightening their security. The attacked firms also reported the cases to the necessary authorities and launched an investigation into the matter. They later found out that the attack originated from China, and the attacker’s primary motive was to get information about the compassionate people working in the US but the information is deemed classified to the public.
References
Varma, I. & McAfeeLabs. (2013). Combating Aurora. McAfee Labs.
Shwatz, M. (2013). Google Aurora Hack Was Chinese Counterespionage Operation. darhreading.com.
TechTarget. (2016). Operation Aurora.
