We have seen and heard so much in the past week about the cyber attacks in mid-December on Google that originated from China that now the story has shifted. Of course assessing the damage and closing the holes that exist at Google are a main priority not to mention that Washington is pretty interested in putting more detail on China’s digital espionage exploits. In the midst of this though is a rumor that is being reported by Reuters that this may have all been an inside job done by Google staff in the China office.
Google is investigating whether one or more employees may have helped facilitate a cyber-attack that the U.S. search giant said it was a victim of in mid-December, two sources told Reuters on Monday.
Google, the world’s most popular search engine, said last week it may pull out of the world’s biggest Internet market by users after reporting it had been hit by a “sophisticated” cyber-attack on its network that resulted in theft of its intellectual property.
The sources, who are familiar with the situation, told Reuters that the attack, which targeted people who have access to specific parts of Google networks, may have been facilitated by people working in Google China’s office.
Google is calling any talk like this speculation and through a spokesperson refused to comment. The rumors include the denial of employees to internal network operations last week as a result of these discoveries. While it all appears to be speculation at this point it looks like this will get more interesting edpecially in light of Washington’s interest.
To review, this is what happened in a very 30,000 ft flyover kind of way.
Security analysts told Reuters the malicious software (malware) used in the Google attack was a modification of a Trojan called Hydraq. A Trojan is malware that, once inside a computer, allows someone unauthorized access. The sophistication in the attack was in knowing whom to attack, not the malware itself, the analysts said.
Espionage is nothing new so the ideas that these attacks took place shouldn’t come as any surprise to anyone. What seems to have most people concerned is that it happened to Google which has a reputation (whether it is perceived or real is not the point) that is does very little wrong. That image helps them stay away from being talked about regarding the amount of data they have on just about everyone and the real creepy stuff they could do with it.
Now, however, that reputation may have taken a shot because no matter how it happened, inside job or not, the search and Internet giant has been exposed as being as vulnerable as the next guy.
While Google wants to do no evil it better be very prepared for those who would love to do evil to them.