Remember last week, during his State of the Union address, when President Barack Obama said he'd pass an executive order on cyber-security because "foreign countries and companies swipe our corporate secrets"? Sure you do, but you forgot all about it after that one guy ruined his speech by taking the hilarious, awkward gulp of water.
Turns out there may have been something to Obama's accusation about foreign companies swiping corporate secrets. Facebook announced last week that they had been hacked, and Apple announced Tuesday morning that they'd also been hacked in the worst-ever cyber-attack on Apple computers.
Both hacks were performed in the exact same fashion, and a leading cyber-security firm has announced they've identified a suspect—a secret Chinese military unit operating clandestinely out of Shanghai.
It all sounds like something out of a Jason Bourne movie, but here's what we know. Apple admitted today that Apple employees' computers were hacked, according to Reuters. "Apple Inc. was recently attacked by hackers who infected the Macintosh computers of some employees," said the Reuters report, calling this breach "the widest known cyber attacks against Apple-made computers to date."
The attack appears to target employees of certain companies, not average people sitting at home surfing the web. The hackers apparently hid their malicious virus inside a website used by high-level corporate software engineers. When the software engineers visited the site, they were infected through a tiny but dangerous loophole in the Java plug-in of their web browser.
That all sounds familiar to the software engineers at Facebook, because last week Facebook admitted they were hacked in precisely the same fashion. Both Apple and Facebook insist that they have patched the vulnerability, and that no user data was compromised.
Here's where it gets interesting, and perhaps a little scary. Facebook and Apple are not the only companies who were hacked—they're the only companies who have admitted they were hacked. The Reuters report notes that "hundreds of companies, including defense contractors, had been infected with the same malicious software, or malware."
One of the top US cyber-security firms is on the case, and they are quite confident they've found the culprit. The name of the cyber security firm is Mandiant, and their allegations are astonishing. Mandiant tells The Associated Press that they've traced the hack to a secret Chinese military unit.
"Mandiant alleges that it has traced a massive hacking campaign on U.S. businesses to a drab, white 12-story office building outside Shanghai run by ‘Unit 61398’ of the People's Liberation Army," according to The Associated Press. "Mandiant says it was time to call out China for its systematic hacking and that releasing as many details as possible will help security professionals."
We'll leave the detective work and espionage stuff to the professionals. But if you're concerned that your Apple or Mac may be infected with the malicious virus, Apple says they will release an updated tool to remove the malware. The tool is not available yet, but watch the Apple support page because Apple claims they will make the tool available today.