Chinese Government Suspected for Hacking Google

No Comments

From Popular Science

"A Chinese cyber-assault on Google and more than 30 other U.S. companies was the most sophisticated online attack ever seen outside of the defense industry, according to experts from anti-virus firm McAfee interviewed by Wired. Google announced on Tuesday that it would no longer censor information on its search portal per Chinese government rules, and may stop doing business in China entirely."

"The Guardian reports that Verisign's iDefense Labs, a U.S. security firm, has traced the attacks back to the Chinese government or entities acting on behalf of the government."

From Wired: (Quoted from Operation Aurora)
"Hackers seeking source code from Google, Adobe and dozens of other high-profile companies used unprecedented tactics that combined encryption, stealth programming and an unknown hole in Internet Explorer, according to new details released by the anti-virus firm McAfee."

"Google announced Tuesday that it had been the target of a “highly sophisticated” and coordinated hack attack against its corporate network. It said the hackers had stolen intellectual property and sought access to the Gmail accounts of human rights activists. The attack originated from China, the company said."

"Once the user visited the malicious site, their Internet Explorer browser was exploited to download an array of malware to their computer automatically and transparently. The programs unloaded seamlessly and silently onto the system, like Russian nesting dolls, flowing one after the other."

"Google announced Tuesday that it had discovered in mid-December that it had been breached. Adobe disclosed that it discovered its breach on Jan. 2."

"The sophistication of the attack was remarkable and was something that researchers have seen before in attacks on the defense industry, but never in the commercial sector. Generally, Alperovitch said, in attacks on commercial entities, the focus is on obtaining financial data, and the attackers typically use common methods for breaching the network, such as SQL-injection attacks through a company’s web site or through unsecured wireless networks."

DISCLAIMER: The quoted text above is not my work! They are property of Popular Science and Wired respectively.

Comments are closed for this post