The account hijackings were a result of stolen passwords, likely by malware installed on victims' computers or through victims' responses to e-mails from malicious hackers posing as trusted sources. That type of hack is named phishing. Gmail's security systems themselves were not compromised, Google said.
The company believes the phishing assault emanated from Jinan, China. In addition to the U.S. government personnel, other targets included South Korean government officials & federal workers of several other Asian countries, Chinese political activists, military personnel & journalists.
Secretary of State Hillary Clinton addressed the issue Thursday morning.
"The Department of Homeland Security is aware of Google's message to its customers," said Chris Ortman, a spokesman for the agency. "We are working with Google & our federal partners to review the matter, offer analysis of any malicious activity, & create solutions to mitigate further risk."
The news comes a tiny over a year after a separate hack originating from China affected Gmail accounts of Chinese human rights activists. In that case, attackers could break through Google's security systems, & Gmail accounts were hacked.
"Google informed the State Department of this situation yesterday in advance of its public announcement," he said. "These allegations are very serious, they take them seriously, we are looking in to them, & because this will be an ongoing inquiry I would refer you to first Google for any details that they can share at this time, & to the FBI, which will be conducting the inquiry."
On Thursday, after the latest cyber assault, a Chinese official insisted that his government takes the assaults seriously.
That cyber assault set off a series of events that finally led to Google ending its agreement with the Chinese government to censor definite search results, & the company physically moved its servers in a foreign country.
This time around, the hack appears larger in scope -- but Google itself was not attacked. A person with knowledge of the attack's details said there was no apparent correlation between last year's assault & this.
"We firmly oppose computer hacking or any illegal activity that harms net security & will severely punish anyone engaging in such activity according to law," said foreign ministry spokesman Hong Lei. "Computer hacking is an international issue & China is as well as a victim. Any accusation linking China to such activity is baseless & with ulterior motives."
A spokesman from Google declined to comment on how the company obtained the information about the latest hack. Public information, user reports & a third-party hacking weblog called Contagio was used to select the scope, targets & source of the assault.
แสดงบทความที่มีป้ายกำกับ Google แสดงบทความทั้งหมด
แสดงบทความที่มีป้ายกำกับ Google แสดงบทความทั้งหมด
วันพฤหัสบดีที่ 2 มิถุนายน พ.ศ. 2554
Google Says Hackers in China Stole Gmail Passwords
It is the second time Google has pointed to an area of China as the source of an Web intrusion. Its latest announcement is likely to further ratchet up the strain between the company & Chinese authorities.
In a weblog post, the company said the victims included senior government officials in the United States, Chinese political activists, officials in several Asian countries, military personnel & journalists.
The more recent assaults were not as technically advanced, relying on a common method known as phishing to trick users in to handing over their passwords. But Google�s announcement was unusual in that it put a spotlight on the scale, apparent origins & carefully selected targets of a coordinated campaign to hijack e-mail accounts.
Last year, Google said it had traced a sophisticated invasion of its computer systems to people based in China. The accusation led to a rupture of the company�s relationship with China as well as a choice by Google not to cooperate with China�s censorship demands. As a result, Google decided to base its Chinese search engine in Hong Kong.
Google acknowledged that it had been alerted to the issue in part by Mila Parkour, a security researcher in Washington who posted facts of a kind of phishing assault on her weblog in February. He documented examples of what has recently been described as a �man-in-the-mailbox� assault, in which the intruder makes use of the account of victim & his e-mail contacts to gain the trust of a new victim.
Google said that four times the intruders had logged in to the accounts, they could modify settings for mail forwarding so that copies of messages would be sent to another address. The company said it had �disrupted� the campaign & had notified the victims as well as government agencies. Executives at Google declined to comment beyond the weblog post. The company recommended that Gmail users take additional security steps, like using a Google service known as two-step verification, to make it more difficult to compromise their e-mail accounts. But it emphasized that the password thefts were not the result of a general security issue with Gmail.
He highlighted a fake document titled �Draft US-China Joint Statement� that was circulated among people with e-mail accounts at the State Department, the Defense Department, the Defense Intelligence Agency & Gmail. Clicking to download the document directed users in lieu to a fake Gmail log-in page that captured their passwords.
Ms. Parkour wrote that the system used in this assault �is far from being new or sophisticated,� but that he was posting information about it because of �the invasive approach of the assault.�
�We have no reason to think that any official U.S. government e-mail accounts were accessed,� Ms. Hayden said in an e-mail.
Caitlin Hayden, a spokeswoman for the National Security Council, said the White House was looking in to the matter.
At the time, government & school officials strongly denied any connection with the assault, & China�s foreign ministry said linking the Chinese authorities to such assaults was �baseless, highly irresponsible & hype with ulterior motives.�
Google said the assaults apparently originated in Jinan, a provincial capital in eastern China. The city is a regional command middle for the Chinese military, of three in the country. It is also home to the Lanxiang Vocational School, which was founded with military support. Last year, investigators looking in to the assault on Google�s systems said they had traced some of the hacking activity back to the school.
Chinese government media officials were not immediately available to comment on Google�s latest announcement.
That earlier assault appeared to be aimed at gathering information on human rights activists who were involved in political campaigns aimed at China. It was part of a wave of assaults that hit a range of American companies beginning in mid-2009 & that was first publicly disclosed by Google in January 2010.
Rafal Rohozinski, a network security specialist at the SecDev Group in Ottawa, said it was impossible to lay blame for the campaign on the Chinese government with any certainty. Because of the borderless nature of the Web, it is simple for intruders to connect through a series of countries to mask their identities. �The fact that somebody is harvesting Gmail credentials is not surprising,� Mr. Rohozinski said.
This year, the Chinese government has stepped up its controls over the Web within the country, with increased scrutiny of news & weblog sites, in the wake of political upheaval in North Africa & the Middle East.
Security specialists said the Google warning to users was an indication that efforts to place the responsibility for Web security on individuals was failing.
The government has also apparently crippled some virtual private network services, or VPNs, which have been used by Chinese & expatriates to gain access to corporate e-mail or get around controls that block lots of Web pages from being entered in China, like YouTube, Facebook & Twitter.
�I think this is impossible to solve by going to user at a time & trying to teach them how to behave on the Web,� said Nir Zuk, founder & chief expertise officer of Palo Alto Networks. �It doesn�t matter how much schooling you put in to it � you will always have finish users that will make a mistake.�
John Markoff reported from San Francisco & David Barboza from Shanghai.
In a weblog post, the company said the victims included senior government officials in the United States, Chinese political activists, officials in several Asian countries, military personnel & journalists.
The more recent assaults were not as technically advanced, relying on a common method known as phishing to trick users in to handing over their passwords. But Google�s announcement was unusual in that it put a spotlight on the scale, apparent origins & carefully selected targets of a coordinated campaign to hijack e-mail accounts.
Last year, Google said it had traced a sophisticated invasion of its computer systems to people based in China. The accusation led to a rupture of the company�s relationship with China as well as a choice by Google not to cooperate with China�s censorship demands. As a result, Google decided to base its Chinese search engine in Hong Kong.
Google acknowledged that it had been alerted to the issue in part by Mila Parkour, a security researcher in Washington who posted facts of a kind of phishing assault on her weblog in February. He documented examples of what has recently been described as a �man-in-the-mailbox� assault, in which the intruder makes use of the account of victim & his e-mail contacts to gain the trust of a new victim.
Google said that four times the intruders had logged in to the accounts, they could modify settings for mail forwarding so that copies of messages would be sent to another address. The company said it had �disrupted� the campaign & had notified the victims as well as government agencies. Executives at Google declined to comment beyond the weblog post. The company recommended that Gmail users take additional security steps, like using a Google service known as two-step verification, to make it more difficult to compromise their e-mail accounts. But it emphasized that the password thefts were not the result of a general security issue with Gmail.
He highlighted a fake document titled �Draft US-China Joint Statement� that was circulated among people with e-mail accounts at the State Department, the Defense Department, the Defense Intelligence Agency & Gmail. Clicking to download the document directed users in lieu to a fake Gmail log-in page that captured their passwords.
Ms. Parkour wrote that the system used in this assault �is far from being new or sophisticated,� but that he was posting information about it because of �the invasive approach of the assault.�
�We have no reason to think that any official U.S. government e-mail accounts were accessed,� Ms. Hayden said in an e-mail.
Caitlin Hayden, a spokeswoman for the National Security Council, said the White House was looking in to the matter.
At the time, government & school officials strongly denied any connection with the assault, & China�s foreign ministry said linking the Chinese authorities to such assaults was �baseless, highly irresponsible & hype with ulterior motives.�
Google said the assaults apparently originated in Jinan, a provincial capital in eastern China. The city is a regional command middle for the Chinese military, of three in the country. It is also home to the Lanxiang Vocational School, which was founded with military support. Last year, investigators looking in to the assault on Google�s systems said they had traced some of the hacking activity back to the school.
Chinese government media officials were not immediately available to comment on Google�s latest announcement.
That earlier assault appeared to be aimed at gathering information on human rights activists who were involved in political campaigns aimed at China. It was part of a wave of assaults that hit a range of American companies beginning in mid-2009 & that was first publicly disclosed by Google in January 2010.
Rafal Rohozinski, a network security specialist at the SecDev Group in Ottawa, said it was impossible to lay blame for the campaign on the Chinese government with any certainty. Because of the borderless nature of the Web, it is simple for intruders to connect through a series of countries to mask their identities. �The fact that somebody is harvesting Gmail credentials is not surprising,� Mr. Rohozinski said.
This year, the Chinese government has stepped up its controls over the Web within the country, with increased scrutiny of news & weblog sites, in the wake of political upheaval in North Africa & the Middle East.
Security specialists said the Google warning to users was an indication that efforts to place the responsibility for Web security on individuals was failing.
The government has also apparently crippled some virtual private network services, or VPNs, which have been used by Chinese & expatriates to gain access to corporate e-mail or get around controls that block lots of Web pages from being entered in China, like YouTube, Facebook & Twitter.
�I think this is impossible to solve by going to user at a time & trying to teach them how to behave on the Web,� said Nir Zuk, founder & chief expertise officer of Palo Alto Networks. �It doesn�t matter how much schooling you put in to it � you will always have finish users that will make a mistake.�
John Markoff reported from San Francisco & David Barboza from Shanghai.
สมัครสมาชิก:
ความคิดเห็น (Atom)