There is no peace for enterprises in this world, recently we have discovered how much vulnerable are giants of IT, one after another, fell the most renowned names.
Up until now Apple weren’t affected … but now the company from California has also been victim of an attack, hackers targeted some of its employees’ machines as part of the same wave of attacks against a meaningful number of companies all over the world.
Apple today confirmed to Reuters that it hit by cyber attacks as part of the series of hacking campaigns that targeted US news agencies and other enterprises.Unknown hackers have hit employee’s computers adopting same techniques implemented during the attacks to Facebook, Apple’s workers were infected when they visited a compromised website for software developers. The malware hosted on the infected website had been designed to attack Mac computers and exactly as happened during other attacks it exploited a flaw in a version of Oracle Corp’s Java software used as a plug-in on Web browsers.
“Security firm F-Secure wrote that the attackers might have been trying to get access to the code for apps on smartphones, seeking a way to infect millions of end-users. It urged developers to check their source code for unintended changes. Apple disclosed the breach as tensions are heating up over U.S. allegations that the Chinese military engages in cyber espionage on U.S. companies.” -Reuters
The situation is critic, similar attacks could expose sensitive information of millions of users, the vulnerabilities related to Java software are representing a serious problem for IT security because they are most exploited during the attacks and don’t forget the Java platform is already installed on billions of machines, also remind that all popular softwares such as Adobe Systems Flash are targeted by cyber criminals and state sponsored hackers during the attacks.
“Apple has identified malware which infected a limited number of Mac systems through a vulnerability in the Java plug-in for browsers. The malware was employed in an attack against Apple and other companies, and was spread through a website for software developers. We identified a small number of systems within Apple that were infected and isolated them from our network. There is no evidence that any data left Apple. We are working closely with law enforcement to find the source of the malware.Since OS X Lion, Macs have shipped without Java installed, and as an added security measure OS X automatically disables Java if it has been unused for 35 days. To protect Mac users that have installed Java, today we are releasing an updated Java malware removal tool that will check Mac systems and remove this malware if found.” -Apple
Fortunately Apple has immediately started the incident response procedures planning to release a security update later today. We are convinced that attacks are originate from China, just today, Mandiant published an interesting report on APT1 & China’s cyber espionage units accused to be the first information collector of foreign governments and enterprises.Big enterprises need a “preventative approach” and is necessary to implement a layered security model to evaluate a wide range of indicators that can provide indication on the presence of an attack in progress.