In one of the largest and most sophisticated cyberattacks to date, a Northern Virginia security firm has identified attacks on 75,000 computer systems at nearly 2,500 companies around the world.

NetWitness, the security firm, says the attacks began in late 2008 and were only discovered last month. Targets included proprietary corporate data, emails, credit-card transaction data and login credentials. Companies were targeted in the health and technology industries in 196 countries.

Amit Yoran, NetWitness's chief executive, said news of the attacks underscore that most companies are unable to defend themselves.

"The traditional security approaches of intrusion-detection systems and anti-virus software are by definition inadequate for these types of sophisticated threats," Yoran said. "The things that we--industry--have been doing for the past 20 years are ineffective with attacks like this. That's the story."

The Wall Street Journal features a graphic to outline how the attack spread and what countries were effected. The damage is still being assessed by NetWitness, but the disclosure of the hack attack raises new questions about how much protection companies really have and what measures they can take to heighten the security against attacks.

Yoron said the attack was spotted when a NetWitness engineer spotted the scheme when he was installing technology for a large corporation to hunt for cyberattacks.

The full list of companies attacked was not revealed. But a partial list includes the following: Merck, Cardinal Health, Paramount and Juniper Networks.

For more on these attacks:
- see the Washington Post article
- see this Wall Street Journal article

Related Articles:
U.S. protesting China cyberattacks
China fingered on cyberattacks on U.S. government
Foreign attacks hit blogs