Savannah W-ITS

Hmm, imagine this – The C-HACK! of 2009

Update (2/7/2010) – it will be interesting to see ‘the facts’ for this event – A post by Bruce Schneier (1/23/2010) on the CNN web provides some additional thoughts, i.e. Are we doing this to ourselves? (Do our national policies increase the chances that these types of events will occur?)

Some updated links (1/16/2010) – Now Microsoft is indicating that there is a **Internet Explorer browser problem that is connected to this attack – more at Info Week.  More about the Aurora Attack on McAffee’s blog.

Hackers in China (or at least they appeared to be in China) HACKED Google’s Email service (Gmail)  some time in 2009.   Reportedly, ~30 companies were specifically targeted by this group? of hackers.  Also, there is an Adobe connection – [perhaps] a security issue with PDF documents/readers that is currently being addressed by Adobe.  Adobe also indicated that their network resources were attacked.  Server resources at hosting provider RackSpace.com also appears to have been involved in this hack attack.

• http://news.yahoo.com/s/ap/20100113/ap_on_hi_te/us_tec_gmail_security
• http://searchsecurity.techtarget.com/news/article/0,289142,sid14_gci1378755,00.html
• http://www.huffingtonpost.com/2010/01/13/google-hacking-results-in_n_422501.html
• http://www.cbsnews.com/stories/2010/01/13/ap/tech/main6093857.shtml
• http://www.wired.com/threatlevel/2010/01/google-hack-attack/

Now (1/12/2010) Google decides that it will no longer block access to it’s content (a  request from the Chinese government that Google previously agreed to…) The first few lines from a recent official Google Blog post indicates that the waters are a bit mixed at the moment: (http://googleblog.blogspot.com/2010/01/new-approach-to-china.html)

A new approach to China

Like many other well-known organizations, we face cyber attacks of varying degrees on a regular basis. In mid-December, we detected a highly sophisticated and targeted attack on our corporate infrastructure originating from China that resulted in the theft of intellectual property from Google. However, it soon became clear that what at first appeared to be solely a security incident–albeit a significant one–was something quite different.

First, this attack was not just on Google. As part of our investigation we have discovered that at least twenty other large companies from a wide range of businesses–including the Internet, finance, technology, media and chemical sectors–have been similarly targeted. We are currently in the process of notifying those companies, and we are also working with the relevant U.S. authorities…

So what? Hacking (from China or elsewhere) is not new…

Read the blog post – Google is taking a significant position (even if it is a reversal from it’s previous position.)  There are economic implications for both Google and Baidu (THE Chinese SE.)

Getting away from the search engines what does this mean for your and your web sites? Are you blocking ‘bad’ access to your networks and web sites?

Note – Google also (within the past few days) changed how Gmail works – it should now only use HTTPS (encrypted) network connections.  Seems that email content was being snarfed from wireless networks…

Related posts:

1. Google & China – some other thoughts This is not a technical video – it does, however,...
2. It happened to Google – are you next? Well, it happened to Google (and a number of other...
3. Hot Skills you say? – Google AppEngine site Here’s the URL for you – see where the jobs...
4. Another Google ‘index refresh’? Only a few hours after reporting SPAM in the Google...
5. GeoIP Blocking – examples for Apache The GOOD news – using the GeoIP module (mod_geoip.c.) can...