t byfield on Wed, 27 Jan 2010 14:00:28 +0100 (CET)

[Date Prev] [Date Next] [Thread Prev] [Thread Next] [Date Index] [Thread Index]

<nettime> social networking 1.0


Hackers target friends of Google workers

By Joseph Menn in San Francisco

Published: January 25 2010 23:47 | Last updated: January 25 2010 23:47

Personal friends of employees at Google, Adobe and other companies were
targeted by hackers in a string of recently disclosed cyberattacks,
raising privacy concerns and pointing to a highly sophisticated
operation, security experts said.

Cybersecurity experts analysing the attacks said the hackers spied on
individuals and used other sophisticated techniques, making them
extremely difficult to stop. The disclosures come amid renewed alarm
over cybersecurity after Google said it had been the target of a series
of cyberattacks from China.

The most significant discovery is that the attackers had selected
employees at the companies with access to proprietary data, then learnt
who their friends were. The hackers compromised the social network
accounts of those friends, hoping to enhance the probability that their
final targets would click on the links they sent.

"We're seeing a lot more up-front reconnaissance, understanding who the
players are at the company and how to reach them," said George Kurtz,
chief technology officer at security firm McAfee.

"Someone went to the trouble to backtrack: 'Let me look at their
friends, who I can target as a secondary person'."

McAfee discovered that a previously unknown flaw in Microsoft's Internet
Explorer had been used in the attacks. Mr Kurtz said the attackers also
used one of the most popular instant messaging programmes to induce
victims to click on a link that installed spy software.

Another element of the attack code used a formula only published on
Chinese language websites, said Joe Stewart, a researcher for security
firm SecureWorks. Mr Stewart also found that some of the code had been
assembled in 2006, suggesting that the campaign had been not only well
organised but enduring.

The evidence pointed to a government-sponsored effort that only large
spy agencies or perhaps some of the most advanced big companies could
have withstood, experts said. China on Monday described accusations it
was behind cyberattacks as "groundless".

Sam Curry, vice-president of security firm RSA, said: "This is a loud
message for the commercial world, which is: wake up, this isn't all
happiness and goodness and new business.

"Doing business on the internet is as risky as sending ships through the
Panama Canal."

(c) The Financial Times Limited 2010

#  distributed via <nettime>: no commercial use without permission
#  <nettime>  is a moderated mailing list for net criticism,
#  collaborative text filtering and cultural politics of the nets
#  more info: http://mail.kein.org/mailman/listinfo/nettime-l
#  archive: http://www.nettime.org contact: nettime@kein.org