Morgan Stanley was an undisclosed victim of the infamous Chinese ‘Aurora’ hacks of 2009, new emails leaked recently from security company HBGary have said. Morgan Stanley was an undisclosed victim of the infamous Chinese ‘Aurora’ hacks of 2009, new emails leaked recently from security company HBGary have said.“They (Morgan Stanley] were hit hard by the real Aurora attacks (not the crap in the news),” HBGary security expert Phil Wallisch wrote in a private email in May 2010 that was itself only released in the aftermath of an attack on the consultant by the Anonymous hacktivist group this February.“They have given me access to a very sensitive report on their Aurora experience. I will honor their wishes about not sharing the info with anyone, but the good news is that I have some great ideas for our final reports,” he continued.The success of the attack and what was being targeted is still a mystery but Morgan Stanley has refused to comment on the emails. It now looks as if the scale of attacks might never have been made public at all had Google not made a public pronouncement on the topic on 12 January 2010 in a blog that claimed many other companies had been affected.Morgan Stanley’s policy of non-disclosure chimes with a separate and recent set of alleged Chinese attacks on US and UK energy companies, which also only came to light as a result the same HBGary leaks. Whatever their true scale, the Aurora attacks are considered a turning point in the way the the US Government treats such events. Within hours of the attacks being made public in January 2010, US Secretary of State Hillary Clinton publically upbraided China for its alleged involvement. Related content news Is China waging a cyber war with Taiwan? Nation-state hacking groups based in China have sharply ramped up cyberattacks against Taiwan this year, according to multiple reports. By Gagandeep Kaur Dec 01, 2023 4 mins Cyberattacks Government news Apple patches info-stealing, zero day bugs in iPads and Macs The vulnerabilities that can allow the leaking of sensitive information and enable arbitrary code execution have had exploitations in the wild. By Shweta Sharma Dec 01, 2023 3 mins Zero-day vulnerability feature The CSO guide to top security conferences Tracking postponements, cancellations, and conferences gone virtual — CSO Online’s calendar of upcoming security conferences makes it easy to find the events that matter the most to you. By CSO Staff Dec 01, 2023 6 mins Technology Industry IT Skills Events news Conti-linked ransomware takes in $107 million in ransoms: Report A ransomware campaign linked to the ostensibly defunct Conti malware group has targeted mostly US businesses, in a costly series of attacks. By Jon Gold Nov 30, 2023 4 mins Ransomware Podcasts Videos Resources Events SUBSCRIBE TO OUR NEWSLETTER From our editors straight to your inbox Get started by entering your email address below. Please enter a valid email address Subscribe