New Google Cyber Attack Details Emerge
Back In January Google revealed information about a cyber attack that had been carried out against the company. The information released at that time was scarce but the impact was huge as it made Google rethink its Chinese market strategy when it became clear that China was behind the attacks.
No information was provided how the attack was carried out. Google back then believed that the intention of the attackers was to access Gmail accounts of Chinese human rights activists.
An article in the New York Times (removed because of paywall) yesterday revealed additional information about the attack.
The article describes that the attack began by sending an instant message to a Google China employee who was using Microsoft Messenger. The employee clicked on the link and by doing so connected to a specifically prepared website that gave the intruders access to the personal computer from where they managed to gain access to computers at Google's headquarters in the US.
Among the data that the attackers managed to steal was a program named Gaia which is also known as Single Sign-On. This program enables Google account owners to sign-on just once to use all Google services.
The attackers could analyze the Gaia source to find new vulnerabilities for future attacks. Google, only hours after the attack, tightened the security of their computer networks and services to prevent further attacks.
What do we learn from this?
- At least some Google employees fall for phishing and other attacks just as easily as the average Internet user.
- The attacks were precise and planned in advance. The attackers knew about their targets and managed to steal information and data.
- That it might be a good idea to change the Google account password.
Users who have not changed the password of their Google account recently might want to consider doing so right now.
No,Martin,frequent change of passwords is not a good idea,it actually becomes easy for hackers to guess or exploit the users account.I have been using a complex password for half a decade and never had a problem with it.
Kingping, I would merely change it for the reason that they might have snagged other data as well from the Google servers, who knows.
I change my passwords whenever I believe a system is compromised. Otherwise, I don’t frequently change it unless some idiot MIS guy insists on it in the network policies. Than it’s a simple numeric routine: password1 password2 password3. As one may guess, these frequently changed passwords sucks at security.
Oh, and I definitely changed my Google password when I heard about that China attack.