Social engineering was key to Google hack

Chinese hackers carried out long reconnaissance of employees of Google and more than 20 other companies in the run-up to last...

Chinese hackers carried out long reconnaissance of employees of Google and more than 20 other companies in the run-up to last week's attacks, according to security researchers.

The cyber attackers were able to install spyware on the most resilient of networks by manipulating key employees who had access to sensitive data to click on malicious links.

The hackers targeted key employees by sending messages from contacts and friends to make messages containing the malicious links plausible.

There is evidence that attackers are using a lot more up-front reconnaissance to find out who has access to sensitive data and how to reach them, according to George Kurtz, chief technology officer at security firm McAfee, in an interview with the Financial Times.

Kurtz, who led a team that discovered a flaw in Microsoft's Internet Explorer browser which played a key role in the Google attacks, said attackers also used one of the most popular instant messaging programs to induce victims to click on a link that installed spy software.

Across the board, security and privacy advisors have said the attacks disclosed by Google should be a call to action for all businesses.

The attacks on Google confirm the threat of pervasive and sophisticated espionage attacks on all organisations, said Alan Paller, director of research at the Sans Institute.

The attacks also prove that most commercial security tools are ineffective and the challenge facing many companies is not just keeping attacks out, but dealing with them once they are inside.

The only proven strategy, he said, is to get access to teams of people with the right skills, such as a deep understanding of both system vulnerabilities and attack methods.

Reverse engineering and targeted counter-intelligence will be key tools for any company serious about fighting back to protect its information, said Paller.

Security commentators have acknowledged that the Google attacks have shown that many organisations are ill-equipped to protect their information and may have been infiltrated without knowing it.



Enjoy the benefits of CW+ membership, learn more and join.

Read more on IT risk management

Start the conversation

Send me notifications when other members comment.

By submitting you agree to receive email from TechTarget and its partners. If you reside outside of the United States, you consent to having your personal data transferred to and processed in the United States. Privacy

Please create a username to comment.