Feeds

Aurora attack tried to pinch secret list of Chinese spies

Oops...looks like another US intelligence FAIL

Next gen security for virtualised datacentres

The Chinese hackers involved in the Operation Aurora attacks revealed by Google in 2010 may have accessed top secret information on US surveillance targets in the country including suspected foreign spies and terrorists, it has emerged.

Speaking anonymously to the Washington Post, “US officials” familiar with the infamous data breach said that the hackers may have gained valuable intelligence by accessing a highly sensitive database detailing court orders authorising the surveillance.

Although they said it was unclear how much the attackers managed to find out, such info could theoretically help a foreign power identify which of their operatives were under investigation.

“Knowing that you were subjects of an investigation allows them to take steps to destroy information, get people out of the country,” one official told the DC-based paper.

The findings echo comments made by Dave Aucsmith, senior director of Microsoft's Institute for Advanced Technology in Governments, at a Washington conference last month.

He revealed that an attempt was also made to breach Redmond’s systems to find out which email accounts “we had lawful wiretap orders on”, according to CIO.

When Google revealed the Aurora breach back in January 2010, the first time a major company had named and shamed Chinese hackers for an attack, chief legal officer David Drummond claimed: “we have evidence to suggest that a primary goal of the attackers was accessing the Gmail accounts of Chinese human rights activists.”

The firm even used the attacks, which it was careful never to attribute to the Chinese government, as one of its reasons to largely shutter its China search business, moving its servers to neighbouring Hong Kong.

The Chocolate Factory is offering no comment on these new revelations but if accurate, they don’t reflect too well on the effectiveness of its information security defences at the time.

Former CIA officer and SANS guest editor Christopher Burgess argued that Google should at least have expected something like this to happen:

If the PRC learned that their officers or surrogates were being subjected to official US Government inquiry via review of the Google data stores, they could follow two paths: tone down and extract the individual, or light up and misdirect the US security services. A key point is that any service provider which is subject to lawful intercept inquiries by the US Government (in this case for counter-intelligence purposes) has had fair warning - you are the target of nation states' CI programs.

®

The essential guide to IT transformation

More from The Register

next story
Goog says patch⁵⁰ your Chrome
64-bit browser loads cat vids FIFTEEN PERCENT faster!
Chinese hackers spied on investigators of Flight MH370 - report
Classified data on flight's disappearance pinched
NIST to sysadmins: clean up your SSH mess
Too many keys, too badly managed
Scratched PC-dispatch patch patched, hatched in batch rematch
Windows security update fixed after triggering blue screens (and screams) of death
Researchers camouflage haxxor traps with fake application traffic
Honeypots sweetened to resemble actual workloads, complete with 'secure' logins
Attack flogged through shiny-clicky social media buttons
66,000 users popped by malicious Flash fudging add-on
prev story

Whitepapers

Top 10 endpoint backup mistakes
Avoid the ten endpoint backup mistakes to ensure that your critical corporate data is protected and end user productivity is improved.
Implementing global e-invoicing with guaranteed legal certainty
Explaining the role local tax compliance plays in successful supply chain management and e-business and how leading global brands are addressing this.
Backing up distributed data
Eliminating the redundant use of bandwidth and storage capacity and application consolidation in the modern data center.
The essential guide to IT transformation
ServiceNow discusses three IT transformations that can help CIOs automate IT services to transform IT and the enterprise
Next gen security for virtualised datacentres
Legacy security solutions are inefficient due to the architectural differences between physical and virtual environments.