Companies Pursuing M&A in China Frequently Hacker Targets

In doing some additional background reading on Operation Aurora, I came across an article at Dark Reading that contained an intriguing quote.

Published online on February 10, the article reported that the hack attacks that hit Google, Adobe, and other U.S. organizations were continuing and had affected far more companies than the original 20 or 30 victims reported by Google and others.

The provocative comment comes later in the article, however. It is provided by Kevin Mandia, CEO of forensics firm Mandiant. In discussing the origins of the Operation Aurora malware and the advanced persistent threats (APTs) it unleashed, Mandia said he noticed that many of the firms that were victimized had something in common.

“We see patterns that just make us curious. If you’re doing merger and acquisition work in China, you’re targeted, We’ve seen when we respond to client sites [that were attacked] a lot of legal counsel, external counsel, and C-level executives [targeted] in M&A with China.”

In a Wired article, Mandia said: “If you’re a law firm and you’re doing business in places like China, it’s so probable you’re compromised and it’s very probable there’s not much you can do about it.”

In this case, it seems, being forewarned does not equate to being forearmed.

As HP waits to learn whether its acquisition of 3Com — an ostensibly American company with most of its operations and employees in China — will be approved by China’s Ministry of Commerce (MOFCOM), it might want to batten down the security hatches, just in case.

Leave a Reply

Fill in your details below or click an icon to log in:

WordPress.com Logo

You are commenting using your WordPress.com account. Log Out / Change )

Twitter picture

You are commenting using your Twitter account. Log Out / Change )

Facebook photo

You are commenting using your Facebook account. Log Out / Change )

Google+ photo

You are commenting using your Google+ account. Log Out / Change )

Connecting to %s