In doing some additional background reading on Operation Aurora, I came across an article at Dark Reading that contained an intriguing quote.
Published online on February 10, the article reported that the hack attacks that hit Google, Adobe, and other U.S. organizations were continuing and had affected far more companies than the original 20 or 30 victims reported by Google and others.
The provocative comment comes later in the article, however. It is provided by Kevin Mandia, CEO of forensics firm Mandiant. In discussing the origins of the Operation Aurora malware and the advanced persistent threats (APTs) it unleashed, Mandia said he noticed that many of the firms that were victimized had something in common.
“We see patterns that just make us curious. If you’re doing merger and acquisition work in China, you’re targeted, We’ve seen when we respond to client sites [that were attacked] a lot of legal counsel, external counsel, and C-level executives [targeted] in M&A with China.”
In a Wired article, Mandia said: “If you’re a law firm and you’re doing business in places like China, it’s so probable you’re compromised and it’s very probable there’s not much you can do about it.”
In this case, it seems, being forewarned does not equate to being forearmed.
As HP waits to learn whether its acquisition of 3Com — an ostensibly American company with most of its operations and employees in China — will be approved by China’s Ministry of Commerce (MOFCOM), it might want to batten down the security hatches, just in case.