Editor’s Note: The title of this post is taken from the Conclusion section of the Symantec Security Response report, “The Elderwood Project,” following up on the Hydraq/Aurora Trojan horse attacks which began in 2009 against Google. The Symantec report is attached here. Below is the concluding paragraph of the report.
Any manufacturers who are in the defense supply chain need to be wary of attacks emanating from subsidiaries, business partners, and associated companies. It is possible that those trusted companies were compromised by the attackers who are then using them as a stepping-stone to the true intended target. Companies and individuals should prepare themselves for a new round of attacks in 2013 utilizing both Adobe Flash and Internet Explorer zero-day exploits. This is particularly the case for companies who have been compromised in the past and managed to evict the attackers. The knowledge that the attackers gained in their previous compromise will assist them in any future attacks.
Leave a Reply