Gmail hit by cyberattacks from ChinaThursday, June 2, 2011
By Byron Acohido, USA TODAY 06/01/2011
Google on Wednesday disclosed that a cyberattack originating in China resulted in the breach of the Gmail accounts of hundreds of high-profile individuals in several nations. (Liu Jin, AFP/Getty Images file Google China headquarters in Beijing.)
The disclosure came a day after military officials in the U.S. and United Kingdom for the first time began publicly acknowledging that nation-sponsored cyberattacks can be an act of war. It also follows similar disclosures and news reports about computer break-ins at major defense contractors.
"Hackers and nation states are upping their game," says Dave Jevans, chairman of security firm IronKey. "These attacks are difficult to monitor and control."
It's well known that China and Russia have engaged in cyberespionage for decades, targeting Western governments and corporations. Traditionally, big agencies and companies have been loath to disclose breaches.
Cyberspying has intensified with the extensive use of the Internet. "It's a lot easier to hack into a system than it is to tap a phone line or break into an office and take pictures," says Harry Sverdlove, chief technology officer at security firm Bit9.
In a blog post, Eric Grosse, engineering director of Google's security team, described a campaign to collect Gmail users' passwords that he says appears to have originated in Jinan, China. The hackers targeted the accounts of "senior U.S. government officials, Chinese political activists, officials in several Asian countries (predominantly South Korea), military personnel and journalists."
The intruders monitored e-mail and used stolen passwords "to change peoples' forwarding and delegation settings," says Grosse.
Google issued instructions advising all Gmail users to shore up security of their accounts, a process Grosse says takes about 10 minutes.
Also this week, employees at defense contractor L-3 Communications were alerted about "penetration attacks." Fox News reported that Northrop Grumman recently curtailed remote network access, apparently in response to a cyberattack.
On Saturday, Lockheed Martin, Homeland Security and the Pentagon confirmed that the defense contractor's information systems had come under a "significant and tenacious" cyberattack.
Earlier this year, RSA disclosed that attackers had stolen data related to one-time passwords used to access buildings and online accounts.
Contributing: The Associated Press
China Aid Contacts
Rachel Ritchie, English Media Director
Cell: (432) 553-1080 | Office: 1+ (888) 889-7757 | Other: (432) 689-6985