All the latest UK technology news, reviews and analysis
|
|
|
20 Apr 2010
The hacking attacks on Google earlier this year were much worse than previously believed, according to a report in The New York Times.
The paper quotes "someone with direct knowledge of the investigation" as saying that the hackers managed to steal Google's Gaia password system, described as one of the company's "crown jewels".
The system controls access to all Google log-in accounts, including webmail and the firm's business applications.
It was previously believed that the hackers took individual log-in details but, if the report is true, the breach was considerably more severe.
Google is notoriously secretive about Gaia and rarely discusses it in public, which may provide a clue as to why the company has been so tight-lipped about the incident.
The insider also told The New York Times about the methods used to gain access to Google's systems.
"The theft began with an instant message sent to a Google employee in China who was using Microsoft's Messenger program," he is quoted as saying.
"By clicking on a link and connecting to a 'poisoned' web site, the employee inadvertently permitted the intruders to gain access to his (or her) personal computer, and then to the computers of a critical group of software developers at Google's headquarters.
"Ultimately, the intruders were able to gain control of a software repository used by the development team."
The hackers then transferred the stolen code to computers operated by web hosting firm Rackspace, from where they were sent to an unknown destination.
Google appeared at first to be open about the attacks, and blogged about them almost immediately, but has not yet responded to a request for comment on the fresh claims.
Latest stories from Security
Related articles
Related jobs
Poll
What is the most important IT priority for your company this year?
Connect with V3.co.uk
This paper focuses on a series of best practices and techniques for development teams looking to improve their software development processes
Why good data management at all levels is essential in the modern business (video, 6mins)
Leading Investment Bank seeks a Business Analyst with...
Linux Systems Administrator, Linux Engineer, (Mid Level...
Software Engineer - Java, C/C++, Android, NLP, AI, Machine...
Front End Developer - Online Gaming - London Key Words...
Keep up to date with the latest products, services and technologies from the world's leading IT companies. IThound.com brings you over 2,000 white papers, case studies and analyst reports.
Do you agree?
comment
So, it wasn't a sophisticated Chinese hacker army who attacked Google. It was a simple STUPID mistake by clicking on an unknown link which are everywhere in e-mail box.
Posted by: E-mail user 21 Apr 2010
This is real fact
This is real fact of those people who don't consider their work is very important. Most of the employee in China, yes i've seen these incidents, not to take their job seriously. They do not have knowledge or common sense what's allowed or not allowed to do. I've seen a company with many employees in China downloading movies, songs or other torrent files.
Posted by: and 21 Apr 2010
gookle
DUH!! who do you think hacked them. It obvious who has a grudge...serves them right for employing people in third world @^%$holes they supposedly pulled out of. When will companies learn that they gain nothing by outsourcing other then to reduce quality and security of their products.
Posted by: John Doe 21 Apr 2010
Funny...Google Employee on Windows Messengers
Funny that google got burnt cause one of their employee was using Microsoft chat client and not google chat client... haha
Posted by: who cares 21 Apr 2010
CHINEESE ROCKS
We Should Also Congradulate Chineese Peoples Ability To Hack Googles servers One Of The Most Protected Servers In The World......
Posted by: JESWIN 21 Apr 2010
comment
What kind of IDIOT would do such a thing? Does anyone have any sense these days? HELLO!!!....Don't click on links you don't know about. STUPID!
Posted by: sven golly 20 Apr 2010
former employee?
I bet it should read: "The theft began with an instant message sent to a former Google employee in China who was using Microsoft's Messenger program," he is quoted as saying.
Posted by: dustypenguin 20 Apr 2010
Windows on development machine?
Don't use windows to access servers with this type of information on them! It's just dumb to do so!
Posted by: Tom 20 Apr 2010