New Google Cyber Attack Details Emerge

Martin Brinkmann
Apr 20, 2010
Updated • Sep 20, 2016
Gmail, Google
|
6

Back In January Google revealed information about a cyber attack that had been carried out against the company. The information released at that time was scarce but the impact was huge as it made Google rethink its Chinese market strategy when it became clear that China was behind the attacks.

No information was provided how the attack was carried out. Google back then believed that the intention of the attackers was to access Gmail accounts of Chinese human rights activists.

An article in the New York Times (removed because of paywall) yesterday revealed additional information about the attack.

The article describes that the attack began by sending an instant message to a Google China employee who was using Microsoft Messenger. The employee clicked on the link and by doing so connected to a specifically prepared website that gave the intruders access to the personal computer from where they managed to gain access to computers at Google's headquarters in the US.

Among the data that the attackers managed to steal was a program named Gaia which is also known as Single Sign-On. This program enables Google account owners to sign-on just once to use all Google services.

The attackers could analyze the Gaia source to find new vulnerabilities for future attacks. Google, only hours after the attack, tightened the security of their computer networks and services to prevent further attacks.

What do we learn from this?

  • At least some Google employees fall for phishing and other attacks just as easily as the average Internet user.
  • The attacks were precise and planned in advance. The attackers knew about their targets and managed to steal information and data.
  • That it might be a good idea to change the Google account password.

Users who have not changed the password of their Google account recently might want to consider doing so right now.

Summary
Article Name
New Google Cyber Attack Details Emerge
Description
New details about the recent attack on Google that originated from China emerged including details on how the attack was carried out.
Author
Publisher
Ghacks Technology News
Logo
Advertisement

Tutorials & Tips


Previous Post: «
Next Post: «

Comments

  1. DanTe said on April 20, 2010 at 6:31 pm
    Reply

    Oh, and I definitely changed my Google password when I heard about that China attack.

  2. DanTe said on April 20, 2010 at 6:30 pm
    Reply

    I change my passwords whenever I believe a system is compromised. Otherwise, I don’t frequently change it unless some idiot MIS guy insists on it in the network policies. Than it’s a simple numeric routine: password1 password2 password3. As one may guess, these frequently changed passwords sucks at security.

  3. kingpin said on April 20, 2010 at 4:57 pm
    Reply

    No,Martin,frequent change of passwords is not a good idea,it actually becomes easy for hackers to guess or exploit the users account.I have been using a complex password for half a decade and never had a problem with it.

    1. Martin said on April 20, 2010 at 5:02 pm
      Reply

      Kingping, I would merely change it for the reason that they might have snagged other data as well from the Google servers, who knows.

Leave a Reply

Check the box to consent to your data being stored in line with the guidelines set out in our privacy policy

We love comments and welcome thoughtful and civilized discussion. Rudeness and personal attacks will not be tolerated. Please stay on-topic.
Please note that your comment may not appear immediately after you post it.