2010 has been a big year for security stories. We've put together a list of the biggest security problems that hit tech giants including Google, Cisco and McAfee.
Aurora attacks on Google
In what's come to be called the 'Aurora attacks', Google in January acknowledges valuable intellectual property was stolen via a network break-in during that past December, intimating China to be the origin of the cyberattack. About a dozen other high-tech and industrial companies appear to have been struck in similar fashion. The Chinese government says it doesn't know what they're talking about. Outraged over the cyber-intrusion, Google, which had been adhering to Chinese dictates regarding search-engine censorship, says it will defy them, putting its search-engine licence in China in jeopardy. But by year-end, under Chinese pressure, Google abandons its tactic of re-directing Chinese user traffic to its more liberal Hong Kong site and its renewed China license requires censorship.
China ISP takes internet for a ride
A small Chinese ISP called IDC China Telecommunication briefly hijacked the internet by sending out wrong routing data, which was re-transmitted by state-owned China Telecommunications, affecting service providers around the world. The event even made it into the '2010 US-China Economic and Security Review' commission report presented this November to US Congress, which pointed out for 18 minutes on April 8, China Telecom rerouted 15 percent of the internet's traffic through Chinese servers, affecting US government and military web sites. Widely reported, media attention raised the question of whether China was somehow testing a cyberattack capability, but China Telecom rejected those claims, calling the April traffic re-direction an accident.
McAfee goofs up by issuing a faulty anti-virus update - the now-infamous McAfee DAT file 5958 - which wreaked havoc on PCs of countless McAfee customers by causing malfunctions like the Microsoft 'Blue Screen of Death' and creating the effect of a denial-of-service. With CEO and President Dave DeWalt apologised profusely, McAfee worked to rush out various fixes for mistake, but some irate McAfee customers felt it all could have been done better.
Showtime for Cisco
Not the biggest data breach to be sure, but embarrassing for a networking company that wants the world to consider it a leader in security, having the sales to show for it -- and that's Cisco. Someone hacked into the list of attendees for the Cisco Live 2010 users' conference, a security breach that led Cisco to notify the customers as well as a broader group with dealings with the company. Though Cisco prefers to keep mum on some details, it appears a vendor told Cisco that someone had made "an unexpected attempt to access attendee information through ciscolive2010.com", the event site. Cisco said the breach was closed quickly, "but not before some conference listings were accessed". The compromised information consisted of Cisco Live badge numbers, names, title, company addresses and email addresses. Cisco apologised by email to both attendees and those who were invited but didn't attend.