New Google Cyber Attack Details Emerge - gHacks Tech News

New Google Cyber Attack Details Emerge

Back In January Google revealed information about a cyber attack that had been carried out against the company. The information released at that time was scarce but the impact was huge as it made Google rethink its Chinese market strategy when it became clear that China was behind the attacks.

No information was provided how the attack was carried out. Google back then believed that the intention of the attackers was to access Gmail accounts of Chinese human rights activists.

An article in the New York Times (removed because of paywall) yesterday revealed additional information about the attack.

The article describes that the attack began by sending an instant message to a Google China employee who was using Microsoft Messenger. The employee clicked on the link and by doing so connected to a specifically prepared website that gave the intruders access to the personal computer from where they managed to gain access to computers at Google's headquarters in the US.

Among the data that the attackers managed to steal was a program named Gaia which is also known as Single Sign-On. This program enables Google account owners to sign-on just once to use all Google services.

The attackers could analyze the Gaia source to find new vulnerabilities for future attacks. Google, only hours after the attack, tightened the security of their computer networks and services to prevent further attacks.

What do we learn from this?

  • At least some Google employees fall for phishing and other attacks just as easily as the average Internet user.
  • The attacks were precise and planned in advance. The attackers knew about their targets and managed to steal information and data.
  • That it might be a good idea to change the Google account password.

Users who have not changed the password of their Google account recently might want to consider doing so right now.

Summary
Article Name
New Google Cyber Attack Details Emerge
Description
New details about the recent attack on Google that originated from China emerged including details on how the attack was carried out.
Author
Publisher
Ghacks Technology News
Logo




  • We need your help

    Advertising revenue is falling fast across the Internet, and independently-run sites like Ghacks are hit hardest by it. The advertising model in its current form is coming to an end, and we have to find other ways to continue operating this site.

    We are committed to keeping our content free and independent, which means no paywalls, no sponsored posts, no annoying ad formats (video ads) or subscription fees.

    If you like our content, and would like to help, please consider making a contribution:

    Comments

    1. kingpin said on April 20, 2010 at 4:57 pm
      Reply

      No,Martin,frequent change of passwords is not a good idea,it actually becomes easy for hackers to guess or exploit the users account.I have been using a complex password for half a decade and never had a problem with it.

      1. Martin said on April 20, 2010 at 5:02 pm
        Reply

        Kingping, I would merely change it for the reason that they might have snagged other data as well from the Google servers, who knows.

    2. DanTe said on April 20, 2010 at 6:30 pm
      Reply

      I change my passwords whenever I believe a system is compromised. Otherwise, I don’t frequently change it unless some idiot MIS guy insists on it in the network policies. Than it’s a simple numeric routine: password1 password2 password3. As one may guess, these frequently changed passwords sucks at security.

    3. DanTe said on April 20, 2010 at 6:31 pm
      Reply

      Oh, and I definitely changed my Google password when I heard about that China attack.

    Leave a Reply