British researchers at internet security firm, Sophos are warning that internet spies have targeted the European aerospace industry, reports Sky News.
In what is known as a "zero-day" attack, which exploits a hitherto unknown vulnerability in Microsoft’s Windows operating system, Sophos said an aerospace supplier had been "deliberately targeted".
The cyber spies infected the company’s website with malware which then infects the computers of people visiting it – giving the spooks invisible and total control over the infected system.
The vulnerability was first noticed a few days ago by Google, which warned some of its Gmail users that there had been attempts to break into their accounts or hack their computers using the hole in the Windows system.
Google warned then that it believed the attack on its clients was "state-sponsored".
The overwhelming majority of computers in the world run Windows. So far Microsoft has published a "workaround" to paper over the gap in their system, but researchers are anxious that the software giant should publish a "patch" as soon as possible.
The targeted nature of the attack led Sophos to speculate that it was likely to be a state-sponsored espionage operation.
They also warned that now that the vulnerability had been identified on the internet, it would soon be used by outright criminal elements.
Graham Cluley, a cyber security consultant at Sophos, said: "It’s just a matter of time before the money-stealing elements who operate on the internet start using it to harvest the accounts of ordinary people.
"Don’t underestimate the seriousness of this vulnerability.
"It’s being actively exploited in the wild, and there is currently no patch available for it."
As a result, Sophos has raised its threat level rating to its highest level – ‘critical’.
Sophos does provide protection against the exploit – but the best solution of all would be to have a proper fix from Microsoft.
And for now, at least, we’re waiting to see when that’s going to appear."
The British Government estimated losses to business and individuals from cyber crime and the theft of business intelligence at £29bn a year.
In the last 12 months there has been a surge in cyber spying. Most recently, the Flame malware was identified as a spying tool being used in the Middle East and Iran.
Tehran’s nuclear industry was attacked by the Stuxnet virus two years ago. Another fast-spreading tool known as Duqu has been found harvesting information from European power generating companies.
Many experts believe that the scale of cyber espionage is so large now that it amounts to an outright war.
China is known to be the most aggressive of the nations prosecuting this conflict in cyberspace.