By Tony Romm - 02/18/10 04:23 PM EST
Industry experts believe more than 75,000 computers at nearly 2,500 companies around the world were the subjects of a historic cyberattack that spanned almost two years, according to reports.
A Northern Virginia firm last month discovered the massive breach, widely considered one of the most sophisticated and wide-ranging cyberattacks to date. They traced the concerted effort to a criminal ring operating out of Eastern Europe, which they said used "bots" to infect a user's computer and transmit the private information back to one of 20 command servers worldwide.
Ultimately, the attack's targets seemed to be health and information technology firms, primarily those in the U.S., Saudi Arabia, Egypt, Turkey and Mexico.
Hackers accessed the credit card and login data of countless users working in those fields — industries in which privacy and protection of digital information are of utmost importance — perhaps in an attempt to sell that data to other criminal rings.
However, analysts were quick to note that the newly discovered cyberattack is unrelated to a security breach that hampered many Google users last month. That attack instead originated in China, and it may have explicitly targeted human-rights activists operating within the country, according to reports. An investigation into that breach remains under way.
But both incidents could prove weighty enough to rile lawmakers on Capitol Hill, who have lagged in recent months in passing a comprehensive cybersecurity bill.
The House passed legislation last year that would study U.S. networks and make key security recommendations, but the Senate seems poised to consider a more far-reaching, actionable bill. However, the latter proposal — spearheaded by Sens. Jay Rockefeller (D-W.Va.) and Susan Collins (R-Maine) — has yet to even reach the markup stage.