The Register® — Biting the hand that feeds IT

Feeds

Morgan Stanley hit by same attackers that breached Google

The 'real Aurora attacks (not the crap in the news)'

By Dan Goodin, 1st March 2011
  • print
  • alert

Cloud based data management

Morgan Stanley was hit by a “very sensitive” breach to its network by the same attackers who penetrated computer systems maintained by Google and dozens of other companies, according to leaked emails reviewed by Bloomberg News.

The emails came from California-based HBGary, which suffered a major compromise of its own at the hands of hackers from Anonymous. After being hired by Morgan Stanley in 2010, HBGary members found that the world's top merger adviser fell prey to the so-called Aurora hacks, which siphoned source code and other sensitive data from the victim companies over a period of many months.

“They were hit hard by the real Aurora attacks (not the crap in the news),” Phil Wallisch, a senior security engineer at HBGary, wrote in one email.

In a May 10 email to HBGary President Penny Leavy-Hoglund, Wallisch wrote: “They have given me access to a very sensitive report on their Aurora experience. I will honor their wishes about not sharing the info with anyone, but the good news is that I have some great ideas for our final reports.”

A spokeswoman for Morgan Stanley declined to comment on the emails.

Morgan Stanley hired HBGary in 2010 to handle suspected network breaches. The attackers “successfully implanted software designed to steal confidential files and internal communications,” Bloomberg reported, citing dozens of HBGary emails. ®

Regcast training : Hyper-V 3.0, VM high availability and disaster recovery

COMMENTS

House Rules Send Corrections
All Reader Comments (6)
Highly Rated
JaitcH

HBgary fails again? Their rep is way down the drain

This is just another hit on the reputation of HBgary and the gullibility of IT managers of HBgary's reputed infallibility. Sounds like that technique that many of us experience - run this free anti-viru test then they try to sell you a program.

Perhaps the SEC should check up on trading emanating from China and HongKong to see if there were unusual trades following these intrusions.

2
0
ElReg!comments!Pierre

Not to mention...

...that part of the HBGary hack was performed thanks to an unpatched escalation privilege hole on a Linux box.

I am very much NOT platform-agnostic, I am even a rabid *NIX fanboy, but I can recognise a stone in my garden when I see one. That's a prerequisite when you want to avoid history repetition...

0
0
Anonymous Coward
Reply Icon

@doperative

actually you'll find a lot more linux desktops at morgan stanley than most other institutions.

0
0

More from The Register

breaking news
Number of cops abusing Police National Computer access on the rise
Only a telegram from the Queen can get you off it
136
breaking news
NSA PRISM snoop-gate: Won't someone think of the children, wails Apple
10,000 things probed, mostly about missing kids, Alzheimer patients, we're told
96
Flash flaw potentially makes every webcam or laptop a PEEPHOLE
But it's a Google problem - Chrome only, insists Adobe
61
Internet fraud still stings suckers
Australians twice as gullible as Americans
36
breaking news
NSA PRISM-gate: Relax, GCHQ spooks 'keep us safe', says Cameron
Whatever they are up to, it's all above board, we're told
90
breaking news
Yahoo! joins! rivals! in! PRISM! data! request! admission!
Keep calm and carry on using American tech firms, folks
41
PRISM snitch claims NSA hacked Chinese targets since 2009
Snowden suddenly looks safer in Hong Kong after revelations
33
Speech-to-text drives motorists to distraction
Will talking to you mean I crash into that car up ahead, Siri?
30
DHS warns of vulns in hospital medical equipment
Has your doctor's anasthesia machine been hacked?
17
EU Justice Department stalls India's security clearance
Without a 'data secure destination' cert India's locked out of $30bn euro-sourcing market
17