Severity of Chinese Google attack revealed
March 1, 2010 by Nick Clayton
It’s gradually becoming clear just how much of a threat is represented by the hacking attack on Google at the beginning of the year which led to the search engine giant threatening to withdraw from China. Investigators from US security company iSec Partners say at least 33 other companies were hit by the “Aurora” exploit, and probably more than 100.
Many of those businesses were not particularly big, which is worrying given that a company the size of Google was compromised. The report from iSec (https://www.isecpartners.com/files/iSEC_Aurora_Response_Recommendations.pdf) concludes: “Even most Fortune-500 companies will not be able to assemble security teams with the diversity of skills necessary to respond to this type of incident.”
(It should be pointed out that the report also sees this as a business opportunity for security firms.)
In this case the repercussions could be far wider than simply boosting the income of a few technology firms. At a time when dissidents in countries such as Iran, Burma and China are making increasing use of internet services, the Google hackers potentially exposed their identities to the authorities.
Their exploits also exposed the vulnerability of many internet business models which rely on the collection of vast amounts of data to find correlations to use for marketing.
The methodology of the Google hackers was not new. They used tools which are relatively easy to obtain on the internet as the “Darkmarket” trial revealed on the BBC last week.
It’s something of a sport for hackers to try and find security holes in computer programs. The most valuable in the online underworld are known as “zero-day exploits”. These are vulnerabilities that haven’t yet been discovered by the software companies.
What appears to have made the Chinese Google hackers so successful was their organisation and patience as much as their access to zero-day tools. Generally malicious hackers will use methods that are less than subtle. They’ll attempt to crack passwords, for instance, by hurling billions of combinations of characters at a log-in until they find one which works. Or they’ll send out millions of “phishing” emails in the hope that a small percentage of the recipients will hand over personal information.
As these attacks are software-driven, it’s generally relatively easy to create software protection. The Google hackers took a more subtle approach. They spent months collecting information about the anti-virus programs used by their targets and, more importantly, the responsibilities and friendships of the staff. Much of this is readily available from social networking sites such as Facebook and LinkedIn.
Armed with this information, the hackers were able to send e-mails and instant messages which appeared to originate from within organisations. Most network security is focused on protecting the “front door”, leaving information to flow freely inside a business. It’s not hard to see how difficult it could be to persuade people not to trust enquiries apparently emanating from a colleague.
The nature of the Chinese attacks poses a real threat to the business model of companies such as Google. They are collecting increasing amounts of data from search activity, emails and now geographical location, thanks to the growth in mobile phone internet access. This so-called “psychographic” data can be used to target marketing and advertising more precisely.
It is information users give freely, often because it seems convenient, harmless and perhaps useful. Most would probably echo Google CEO Eric Schmidt’s attitude which he revealed in a television interview just before Christmas 2009: “If you have something that you don’t want anyone to know, maybe you shouldn’t be doing it in the first place.”
The public attitude could change quickly if their personal data is seen as being available to criminals, unscrupulous businesses and authoritarian governments. It’s not clear whether the information gathered by the Chinese Google hackers has been used against dissidents, but the potential is there. It could only take one or two high profile cases to change public opinion on how much information they’ll give away.
We certainly haven’t seen the last of the repercussions of the Chinese attacks on Google.