Morgan Stanley Was Hit By Chinese Hackers

In 2009, Morgan Stanley was hit by the same Chinese hackers who targeted Google, according to HB Gary

The spectre of Chinese hackers has raised its head again with the news that the investment bank, Morgan Stanley, was “hit hard” by the same computer hackers who attacked Google early last year.

The news came to light after emails from Internet security specialist HB Gary Federal were leaked by the hacktivist group Anonymous. According to Sophos, Anonymous stole the emails from California-based HB Gary Federal during a hacking attack in early February.

HB Gary provided internet security for Morgan Stanley, and the firm was apparently targeted by Anonymous because Aaron Barr, the head of security services at HBGary, claimed to have details of the leaders of the Anonymous group which he said would be turned over to the FBI.

Following the attack, Anonymous published the HB Gary emails on the Internet. HB Gary has confirmed the messages were stolen and has declined to comment on their content.

Aaron Barr has since resigned.

Hit Hard

The HB Gary emails reportedly reveal how Morgan Stanley was “hit hard” by the six-month long Aurora attack that began in June 2009.

The nickname Aurora was created by McAfee, who said that the six month attack marked “a watershed moment in cyber security.” It is thought that a total of 200 companies were affected by the attack, including Google.

The news is noteworthy, as banks and financial institutions traditionally remain very tight lipped about fraud and hacking attempts on their systems, and details of these attacks are almost never seen in public.

“They [Morgan Stanley] were hit hard by the real Aurora attacks (not the crap in the news),” read an email sent by Phil Wallisch, a senior security engineer at California-based HB Gary Federal, who said he had read an internal Morgan Stanley report detailing the so-called Operation Aurora attacks.

“They have given me access to a very sensitive report on their Aurora experience,” Wallisch wrote in a 10 May email to HBGary President Penny Leavy-Hoglund, and reported by Bloomberg. “I will honour their wishes about not sharing the info with anyone, but the good news is that I have some great ideas for our final reports.”

It seems that the emails do not reveal what information, if any, was stolen from Morgan Stanley.

No Comment

According to the Guardian, Morgan Stanley declined to comment specifically on the Operation Aurora attack. “Morgan Stanley invests significantly in IT security and manages a robust programme to deal with malware and attempted computer compromises,” a spokeswoman told the newspaper.

Morgan Stanley spokeswoman Sandra Hernandez also told Bloomberg that the New York-bank did not comment comment specific attacks.

“Like any other company in our industry we deal with malware and attempted computer compromises as a matter of conducting business and work with law enforcement where appropriate,” Hernandez told Bloomberg by phone.

Google China Exit

The Aurora attacks became common knowledge after Google in January 2010 almost triggered a diplomatic incident.

The controversy began when Google threatened to pull out of China on 12 January 2010 in light of a cyber-attack in December 2009. Google claimed the attack originated from China. Google also said it uncovered repeated attempts to break into the Gmail accounts of Chinese human rights activists.

During the row, there were suspicions that the Chinese government was behind the Operation Aurora attacks, a claim it has strenuously denied. However the attacks fuelled escalating tensions between the US and China and led Secretary of State Hillary Clinton to call on China to investigate Google’s claims and make the results public.