Points to Consider After Recent Google Attack

Sue Marquette Poremba

Did China hack Google?


Somebody hacked into Gmail with the aim of stealing passwords and monitoring email accounts, and the attack appears to have come from China. China, not surprisingly, is denying its involvement. But the attack is a big enough deal that the FBI is looking into it, and Secretary of State Hillary Rodham Clinton commented on it, saying the allegations were "very serious."


According to a Yahoo article:

Google said Wednesday that personal Gmail accounts of several hundred people, including senior U.S. government officials, military personnel and political activists, had been exposed. Google traced the origin of the attacks to Jinan, China, the home city of a military vocational school whose computers were linked to a more sophisticated assault on Google's systems 17 months ago. The two attacks are not believed to be linked.

So what does all this mean? On his blog, Catalin Cosoi, head of the BitDefender Online Threats Lab, wrote:

Worst case scenario? Once all this data is secured, besides monitoring the email accounts' activity, an attacker can further trick the victims into additional e-threat schemes. One of them could be downloading malicious mobile phone applications to report essential data about the victims, such as their GPS position. While Android has gained enormous popularity in China, Google has not opened a regional Android Market, which has only encouraged third parties to build their own markets, many of them swarming with such malicious applications (DroidDream or Geinimi).

In addition, Mike Paquette, chief strategy officer, Top Layer Security, sent me the following statement:

This Google attack is another example that supports the premise that: If your organization has any electronically stored information that could be of value to someone or some other organization, then you should assume that an attempt to access it will be made through some type of cyber attack or social engineering attempt. Email accounts of government officials or political figures clearly fall into this category.

Phishing attacks are becoming more targeted, and are using more target-relevant context to lure the recipients into providing information. However, motivations for phishing attacks continue to include theft, fraud, and other attempts at illicit financial gain as well as political activism.

Phishing attacks are requiring less user intervention. In fact, today, many of these attacks are no longer directly "asking" users to provide sensitive information, but instead rely on tempting the user to click on a hyperlink, launching their web browser to a malicious web site that will remotely exploit their computer, depositing malware that will simply steal the sensitive information and exfiltrate it. These newer "tempt-to-click" emails use many of the social engineering techniques of phishing or spear phishing, but silently steal keystrokes, files, cookies, or other pieces of sensitive information. Users need to be educated: unless you've requested the hyperlink, don't click on it!
